lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Qual: Simplification du code sur modif mots de passe

Browse Source
This commit is contained in:
Laurent Destailleur 2007-12-31 12:32:30 +00:00
parent d7c284244b
commit 438ec2acfa
7 changed files with 37 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/adherents/adherent.class.php
View File

@ -560,7 +560,7 @@ class Adherent extends CommonObject
if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted)
{ {
// Si mot de passe saisi et different de celui en base // Si mot de passe saisi et different de celui en base
$result=$this->password($user,$this->pass,0,$notrigger); $result=$this->setPassword($user,$this->pass,0,$notrigger);
if (! $nbrowsaffected) $nbrowsaffected++; if (! $nbrowsaffected) $nbrowsaffected++;
} }
@ -787,7 +787,7 @@ class Adherent extends CommonObject
if ($result >= 0) if ($result >= 0)
{ {
$result=$luser->password($user,$this->pass,$conf->password_encrypted,0,0,1); $result=$luser->setPassword($user,$this->pass,0,0,1);
if ($result < 0) if ($result < 0)
{ {
$this->error=$luser->error; $this->error=$luser->error;

15
htdocs/admin/security.php
View File

@ -17,7 +17,6 @@
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
* *
* $Id$ * $Id$
* $Source$
*/ */
/** /**
@ -35,8 +34,8 @@ $langs->load("other");
if (!$user->admin) accessforbidden(); if (!$user->admin) accessforbidden();
// Do not allow change to clear model once passwords are crypted // Allow/Disallow change to clear passwords once passwords are crypted
$allow_disable_encryption=false; $allow_disable_encryption=true;
$mesg = ''; $mesg = '';
@ -264,25 +263,25 @@ $var=!$var;
print "<tr ".$bc[$var].">"; print "<tr ".$bc[$var].">";
print '<td colspan="3">'.$langs->trans("DoNotStoreClearPassword").'</td>'; print '<td colspan="3">'.$langs->trans("DoNotStoreClearPassword").'</td>';
print '<td align="center" width="60">'; print '<td align="center" width="60">';
if($conf->global->DATABASE_PWD_ENCRYPTED == 1) if ($conf->global->DATABASE_PWD_ENCRYPTED)
{ {
print img_tick(); print img_tick();
} }
print '</td>'; print '</td>';
if ($conf->global->DATABASE_PWD_ENCRYPTED == 0) if (! $conf->global->DATABASE_PWD_ENCRYPTED)
{ {
print '<td align="center" width="100">'; print '<td align="center" width="100">';
print '<a href="security.php?action=activate_encrypt">'.$langs->trans("Activate").'</a>'; print '<a href="security.php?action=activate_encrypt">'.$langs->trans("Activate").'</a>';
print "</td>"; print "</td>";
} }
if($conf->global->DATABASE_PWD_ENCRYPTED == 1) if($conf->global->DATABASE_PWD_ENCRYPTED)
{ {
print '<td align="center" width="100">'; print '<td align="center" width="100">';
if ($allow_disable_encryption) if ($allow_disable_encryption)
{ {
//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas être décodés //On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas être décodés
//Do not allow "disable encryption" as passwords cannot be decrypted //Do not allow "disable encryption" as passwords cannot be decrypted
print '<a href="security.php?action=disable_encrypt">'.$langs->trans("Disable").'</a>'; print '<a href="security.php?action=disable_encrypt">'.$langs->trans("Disable").'</a>';
} }
else else
{ {

3
htdocs/conf/conf.class.php
View File

@ -346,9 +346,6 @@ class Conf
* Modification de quelques variable de conf en fonction des Constantes * Modification de quelques variable de conf en fonction des Constantes
*/ */
// Cryped password in database
$this->password_encrypted=(! empty($this->global->DATABASE_PWD_ENCRYPTED) ? 1 : 0);
// System tools // System tools
if (! $this->global->SYSTEMTOOLS_MYSQLDUMP) $this->global->SYSTEMTOOLS_MYSQLDUMP="mysqldump"; if (! $this->global->SYSTEMTOOLS_MYSQLDUMP) $this->global->SYSTEMTOOLS_MYSQLDUMP="mysqldump";

16
htdocs/main.inc.php
View File

@ -197,17 +197,6 @@ if (! isset($_SESSION["dol_login"]))
if (! empty($_POST["username"])) if (! empty($_POST["username"]))
{ {
// If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko // If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko
// \TODO Virer ce test et toujours faire le test sur le champ crypte
if ($conf->password_encrypted)
{
$cryptType = "md5";
$fieldtotest="pass_crypted";
}
else
{
$cryptType = "none";
$fieldtotest="pass";
}
$table = MAIN_DB_PREFIX."user"; $table = MAIN_DB_PREFIX."user";
$usernamecol = 'login'; $usernamecol = 'login';
@ -227,10 +216,15 @@ if (! isset($_SESSION["dol_login"]))
$passtyped=$_POST["password"]; $passtyped=$_POST["password"];
$passok=false; $passok=false;
// Check crypted password
$cryptType='';
if ($conf->global->DATABASE_PWD_ENCRYPTED) $cryptType='md5';
if ($cryptType == 'md5') if ($cryptType == 'md5')
{ {
if (md5($passtyped) == $passcrypted) $passok=true; if (md5($passtyped) == $passcrypted) $passok=true;
} }
// For compatibility with old versions // For compatibility with old versions
if (! $passok) if (! $passok)
{ {

15
htdocs/user.class.php
View File

@ -863,7 +863,7 @@ class User extends CommonObject
$result=$this->create(); $result=$this->create();
if ($result > 0) if ($result > 0)
{ {
$result=$this->password($user,$this->pass,$conf->password_encrypted); $result=$this->setPassword($user,$this->pass);
$sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql.= " SET fk_member=".$member->id; $sql.= " SET fk_member=".$member->id;
@ -996,7 +996,7 @@ class User extends CommonObject
if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted)
{ {
// Si mot de passe saisi et different de celui en base // Si mot de passe saisi et different de celui en base
$result=$this->password($user,$this->pass,$conf->password_encrypted,0,$notrigger); $result=$this->setPassword($user,$this->pass,0,$notrigger);
if (! $nbrowsaffected) $nbrowsaffected++; if (! $nbrowsaffected) $nbrowsaffected++;
} }
@ -1141,20 +1141,19 @@ class User extends CommonObject
/** /**
* \brief Change le mot de passe d'un utilisateur * \brief Change le mot de passe d'un utilisateur
* \param user Object user de l'utilisateur qui fait la modification * \param user Object user de l'utilisateur qui fait la modification
* \param password Nouveau mot de passe (e generer si non communique) * \param password Nouveau mot de passe en clair (a generer si non communique)
* \param noclearpassword 0 ou 1 s'il ne faut pas stocker le mot de passe en clair
* \param changelater 1=Change password only after clicking on confirm email * \param changelater 1=Change password only after clicking on confirm email
* \param notrigger 1=Ne declenche pas les triggers * \param notrigger 1=Ne declenche pas les triggers
* \param nosyncmember Do not synchronize linked member * \param nosyncmember Do not synchronize linked member
* \return string If OK return clear password, 0 if no change, < 0 if error * \return string If OK return clear password, 0 if no change, < 0 if error
*/ */
function password($user, $password='', $noclearpassword=0, $changelater=0, $notrigger=0, $nosyncmember=0) function setPassword($user, $password='', $changelater=0, $notrigger=0, $nosyncmember=0)
{ {
global $conf, $langs; global $conf, $langs;
$error=0; $error=0;
dolibarr_syslog("User::Password user=".$user->id." password=".eregi_replace('.','*',$password)." noclearpassword=".$noclearpassword." changelater=".$changelater." notrigger=".$notrigger); dolibarr_syslog("User::Password user=".$user->id." password=".eregi_replace('.','*',$password)." changelater=".$changelater." notrigger=".$notrigger);
// Si nouveau mot de passe non communique, on genere par module // Si nouveau mot de passe non communique, on genere par module
if (! $password) if (! $password)
@ -1173,7 +1172,7 @@ class User extends CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql = "UPDATE ".MAIN_DB_PREFIX."user";
$sql.= " SET pass_crypted = '".addslashes($password_crypted)."',"; $sql.= " SET pass_crypted = '".addslashes($password_crypted)."',";
$sql.= " pass_temp = null"; $sql.= " pass_temp = null";
if ($noclearpassword) if (! empty($conf->global->DATABASE_PWD_ENCRYPTED))
{ {
$sql.= ", pass = null"; $sql.= ", pass = null";
} }
@ -1205,7 +1204,7 @@ class User extends CommonObject
if ($result >= 0) if ($result >= 0)
{ {
$result=$adh->password($user,$this->pass,0,0,1); // Cryptage non gere dans module adherent $result=$adh->setPassword($user,$this->pass,0,1); // Cryptage non gere dans module adherent
if ($result < 0) if ($result < 0)
{ {
$this->error=$adh->error; $this->error=$adh->error;

28
htdocs/user/fiche.php
View File

@ -46,7 +46,7 @@ $candisableperms=($user->admin || $user->rights->user->user->supprimer);
// Defini si peux lire/modifier info user ou mot de passe // Defini si peux lire/modifier info user ou mot de passe
if ($_GET["id"]) if ($_GET["id"])
{ {
// $user est le user qui edite, $_GET["id"] est l'id de l'utilisateur edité // $user est le user qui edite, $_GET["id"] est l'id de l'utilisateur edit<EFBFBD>
$caneditfield=( (($user->id == $_GET["id"]) && $user->rights->user->self->creer) $caneditfield=( (($user->id == $_GET["id"]) && $user->rights->user->self->creer)
|| (($user->id != $_GET["id"]) && $user->rights->user->user->creer) ); || (($user->id != $_GET["id"]) && $user->rights->user->user->creer) );
$caneditpassword=( (($user->id == $_GET["id"]) && $user->rights->user->self->password) $caneditpassword=( (($user->id == $_GET["id"]) && $user->rights->user->self->password)
@ -164,7 +164,7 @@ if ($_POST["action"] == 'add' && $canadduser)
{ {
if (isset($_POST['password']) && trim($_POST['password'])) if (isset($_POST['password']) && trim($_POST['password']))
{ {
$edituser->password($user,trim($_POST['password']),$conf->password_encrypted); $edituser->setPassword($user,trim($_POST['password']),$conf->global->DATABASE_PWD_ENCRYPTED);
} }
$db->commit(); $db->commit();
@ -261,7 +261,7 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield)
} }
if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='') if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='')
{ {
$ret=$edituser->password($user,$_POST["password"],$conf->password_encrypted,1); $ret=$edituser->setPassword($user,$_POST["password"],1);
if ($ret < 0) if ($ret < 0)
{ {
$message.='<div class="error">'.$edituser->error.'</div>'; $message.='<div class="error">'.$edituser->error.'</div>';
@ -303,7 +303,7 @@ if ((($_POST["action"] == 'confirm_password' && $_POST["confirm"] == 'yes')
$edituser = new User($db, $_GET["id"]); $edituser = new User($db, $_GET["id"]);
$edituser->fetch(); $edituser->fetch();
$newpassword=$edituser->password($user,'',$conf->password_encrypted); $newpassword=$edituser->setPassword($user,'');
if ($newpassword < 0) if ($newpassword < 0)
{ {
// Echec // Echec
@ -398,7 +398,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
{ {
/* ************************************************************************** */ /* ************************************************************************** */
/* */ /* */
/* Affichage fiche en mode création */ /* Affichage fiche en mode cr<EFBFBD>ation */
/* */ /* */
/* ************************************************************************** */ /* ************************************************************************** */
@ -667,7 +667,7 @@ if (($action == 'create') || ($action == 'adduserldap'))
} }
print "</td></tr>\n"; print "</td></tr>\n";
// Autres caractéristiques issus des autres modules // Autres caract<EFBFBD>ristiques issus des autres modules
// Module Webcalendar // Module Webcalendar
if ($conf->webcal->enabled) if ($conf->webcal->enabled)
@ -716,7 +716,7 @@ else
$message .= $ldap->error; $message .= $ldap->error;
} }
//On vérifie les options du compte //On v<EFBFBD>rifie les options du compte
foreach ($ldap->uacf as $key => $statut) foreach ($ldap->uacf as $key => $statut)
{ {
if ($key == 65536) if ($key == 65536)
@ -740,7 +740,7 @@ else
/* /*
* Confirmation réinitialisation mot de passe * Confirmation r<EFBFBD>initialisation mot de passe
*/ */
if ($action == 'password') if ($action == 'password')
{ {
@ -758,7 +758,7 @@ else
} }
/* /*
* Confirmation désactivation * Confirmation d<EFBFBD>sactivation
*/ */
if ($action == 'disable') if ($action == 'disable')
{ {
@ -940,7 +940,7 @@ else
print '<td>'.dolibarr_print_date($fuser->datepreviouslogin,"dayhour").'</td>'; print '<td>'.dolibarr_print_date($fuser->datepreviouslogin,"dayhour").'</td>';
print "</tr>\n"; print "</tr>\n";
// Autres caractéristiques issus des autres modules // Autres caract<EFBFBD>ristiques issus des autres modules
// Module Webcalendar // Module Webcalendar
if ($conf->webcal->enabled) if ($conf->webcal->enabled)
@ -963,7 +963,7 @@ else
print "</tr>\n"; print "</tr>\n";
} }
// Module Adhérent // Module Adh<EFBFBD>rent
if ($conf->adherent->enabled) if ($conf->adherent->enabled)
{ {
$langs->load("members"); $langs->load("members");
@ -1048,7 +1048,7 @@ else
print_fiche_titre($langs->trans("ListOfGroupsForUser")); print_fiche_titre($langs->trans("ListOfGroupsForUser"));
// On sélectionne les groups // On s<EFBFBD>lectionne les groups
$uss = array(); $uss = array();
$sql = "SELECT ug.rowid, ug.nom "; $sql = "SELECT ug.rowid, ug.nom ";
@ -1094,7 +1094,7 @@ else
} }
/* /*
* Groupes affectés * Groupes affect<EFBFBD>s
*/ */
$sql = "SELECT g.rowid, g.nom "; $sql = "SELECT g.rowid, g.nom ";
$sql .= " FROM ".MAIN_DB_PREFIX."usergroup as g"; $sql .= " FROM ".MAIN_DB_PREFIX."usergroup as g";
@ -1384,7 +1384,7 @@ else
print $fuser->getLibStatut(4); print $fuser->getLibStatut(4);
print '</td></tr>'; print '</td></tr>';
// Autres caractéristiques issus des autres modules // Autres caract<EFBFBD>ristiques issus des autres modules
// Module Webcalendar // Module Webcalendar
if ($conf->webcal->enabled) if ($conf->webcal->enabled)

4
htdocs/user/passwordforgotten.php
View File

@ -68,7 +68,7 @@ if ($_GET["action"] == 'validatenewpassword' && $_GET["username"] && $_GET["pass
{ {
if (md5($edituser->pass_temp) == $_GET["passwordmd5"]) if (md5($edituser->pass_temp) == $_GET["passwordmd5"])
{ {
$newpassword=$edituser->password($user,$edituser->pass_temp,$conf->password_encrypted,0); $newpassword=$edituser->setPassword($user,$edituser->pass_temp,0);
dolibarr_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database"); dolibarr_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
//session_start(); //session_start();
//$_SESSION["loginmesg"]=$langs->trans("PasswordChanged"); //$_SESSION["loginmesg"]=$langs->trans("PasswordChanged");
@ -112,7 +112,7 @@ if ($_POST["action"] == 'buildnewpassword' && $_POST["username"])
} }
else else
{ {
$newpassword=$edituser->password($user,'',$conf->password_encrypted,1); $newpassword=$edituser->setPassword($user,'',1);
if ($newpassword < 0) if ($newpassword < 0)
{ {
// Echec // Echec