Merge pull request #24674 from frederic34/instance_unique_id

use $conf->file->instance_unique_id instead of $dolibarr_main_instance_unique_id
2023-05-05 01:46:14 +02:00 · 2023-05-05 01:46:14 +02:00 · a77b7ca395
commit a77b7ca395
parent 717afc4613 9d29ae8f10
7 changed files with 26 additions and 23 deletions
--- a/htdocs/core/lib/security.lib.php
+++ b/htdocs/core/lib/security.lib.php
@ -108,11 +108,11 @@ function dolGetRandomBytes($length)

 /**
 *	Encode a string with a symetric encryption. Used to encrypt sensitive data into database.
- *  Note: If a backup is restored onto another instance with a different $dolibarr_main_instance_unique_id, then decoded value will differ.
+ *  Note: If a backup is restored onto another instance with a different $conf->file->instance_unique_id, then decoded value will differ.
 *  This function is called for example by dol_set_const() when saving a sensible data into database configuration table llx_const.
 *
 *	@param   string		$chain		string to encode
- *	@param   string		$key		If '', we use $dolibarr_main_instance_unique_id
+ *	@param   string		$key		If '', we use $conf->file->instance_unique_id
 *  @param	 string		$ciphering	Default ciphering algorithm
 *  @param	 string		$forceseed	To force the seed
 *	@return  string					encoded string
@ -120,7 +120,7 @@ function dolGetRandomBytes($length)
 */
 function dolEncrypt($chain, $key = '', $ciphering = 'AES-256-CTR', $forceseed = '')
 {
-	global $dolibarr_main_instance_unique_id;
+	global $conf;
 	global $dolibarr_disable_dolcrypt_for_debug;

 	if ($chain === '' || is_null($chain)) {
@ -134,7 +134,7 @@ function dolEncrypt($chain, $key = '', $ciphering = 'AES-256-CTR', $forceseed =
 	}

 	if (empty($key)) {
-		$key = $dolibarr_main_instance_unique_id;
+		$key = $conf->file->instance_unique_id;
 	}
 	if (empty($ciphering)) {
 		$ciphering = 'AES-256-CTR';
@ -165,23 +165,23 @@ function dolEncrypt($chain, $key = '', $ciphering = 'AES-256-CTR', $forceseed =

 /**
 *	Decode a string with a symetric encryption. Used to decrypt sensitive data saved into database.
- *  Note: If a backup is restored onto another instance with a different $dolibarr_main_instance_unique_id, then decoded value will differ.
+ *  Note: If a backup is restored onto another instance with a different $conf->file->instance_unique_id, then decoded value will differ.
 *
 *	@param   string		$chain		string to encode
- *	@param   string		$key		If '', we use $dolibarr_main_instance_unique_id
+ *	@param   string		$key		If '', we use $conf->file->instance_unique_id
 *	@return  string					encoded string
 *  @see dolEncrypt(), dol_hash()
 */
 function dolDecrypt($chain, $key = '')
 {
-	global $dolibarr_main_instance_unique_id;
+	global $conf;

 	if ($chain === '' || is_null($chain)) {
 		return '';
 	}

 	if (empty($key)) {
-		$key = $dolibarr_main_instance_unique_id;
+		$key = $conf->file->instance_unique_id;
 	}

 	$reg = array();
--- a/htdocs/core/modules/mailings/modules_mailings.php
+++ b/htdocs/core/modules/mailings/modules_mailings.php
@ -180,7 +180,6 @@ class MailingTargets // This can't be abstract as it is used for some method
 	public function addTargetsToDatabase($mailing_id, $cibles)
 	{
 		global $conf;
-		global $dolibarr_main_instance_unique_id;

 		$this->db->begin();

@ -203,7 +202,7 @@ class MailingTargets // This can't be abstract as it is used for some method
 				$sql .= "'".$this->db->escape($targetarray['other'])."',";
 				$sql .= "'".$this->db->escape($targetarray['source_url'])."',";
 				$sql .= (empty($targetarray['source_id']) ? 'null' : "'".$this->db->escape($targetarray['source_id'])."'").",";
-				$sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.";".$targetarray['email'].";".$targetarray['lastname'].";".((int) $mailing_id).";".getDolGlobalString('MAILING_EMAIL_UNSUBSCRIBE_KEY'), 'md5'))."',";
+				$sql .= "'".$this->db->escape(dol_hash($conf->file->instance_unique_id.";".$targetarray['email'].";".$targetarray['lastname'].";".((int) $mailing_id).";".getDolGlobalString('MAILING_EMAIL_UNSUBSCRIBE_KEY'), 'md5'))."',";
 				$sql .= "'".$this->db->escape($targetarray['source_type'])."')";
 				dol_syslog(__METHOD__, LOG_DEBUG);
 				$result = $this->db->query($sql);
--- a/htdocs/core/tpl/passwordreset.tpl.php
+++ b/htdocs/core/tpl/passwordreset.tpl.php
@ -97,10 +97,10 @@ if ($setnewpassword && $username && $passworduidhash) {
 	if ($result < 0) {
 		$message = '<div class="error">'.dol_escape_htmltag($langs->trans("ErrorTechnicalError")).'</div>';
 	} else {
-		global $dolibarr_main_instance_unique_id;
+		global $conf;

-		//print $edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id.' '.$passworduidhash;
-		if ($edituser->pass_temp && dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id, $passworduidhash)) {
+		//print $edituser->pass_temp.'-'.$edituser->id.'-'.$conf->file->instance_unique_id.' '.$passworduidhash;
+		if ($edituser->pass_temp && dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$conf->file->instance_unique_id, $passworduidhash)) {
 			// Clear session
 			unset($_SESSION['dol_login']);

--- a/htdocs/install/inc.php
+++ b/htdocs/install/inc.php
@ -407,6 +407,8 @@ function conf($dolibarr_main_document_root)
 	global $dolibarr_main_db_user;
 	global $dolibarr_main_db_pass;
 	global $character_set_client;
+	global $dolibarr_main_instance_unique_id;
+	global $dolibarr_main_cookie_cryptkey;

 	$return = include_once $dolibarr_main_document_root.'/core/class/conf.class.php';
 	if (!$return) {
@ -429,6 +431,8 @@ function conf($dolibarr_main_document_root)
 		$character_set_client = "UTF-8";
 	}
 	$conf->file->character_set_client = strtoupper($character_set_client);
+	// Unique id of instance
+	$conf->file->instance_unique_id = empty($dolibarr_main_instance_unique_id) ? (empty($dolibarr_main_cookie_cryptkey) ? '' : $dolibarr_main_cookie_cryptkey) : $dolibarr_main_instance_unique_id;
 	if (empty($dolibarr_main_db_character_set)) {
 		$dolibarr_main_db_character_set = ($conf->db->type == 'mysqli' ? 'utf8' : '');
 	}
--- a/htdocs/public/users/view.php
+++ b/htdocs/public/users/view.php
@ -62,8 +62,8 @@ $object->fetch($id, '', '', 1);
 $urlwithroot = DOL_MAIN_URL_ROOT; // This is to use same domain name than current. For Paypal payment, we can use internal URL like localhost.

 // Security check
-global $dolibarr_main_instance_unique_id;
-$encodedsecurekey = dol_hash($dolibarr_main_instance_unique_id.'uservirtualcard'.$object->id.'-'.$object->login, 'md5');
+global $conf;
+$encodedsecurekey = dol_hash($conf->file->instance_unique_id.'uservirtualcard'.$object->id.'-'.$object->login, 'md5');
 if ($encodedsecurekey != $securekey) {
 	httponly_accessforbidden('Bad value for securitykey or public profile not enabled');
 }
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@ -2451,11 +2451,11 @@ class User extends CommonObject

 			dol_syslog(get_class($this)."::send_password changelater is off, url=".$url);
 		} else {
-			global $dolibarr_main_instance_unique_id;
+			global $conf;

-			//print $password.'-'.$this->id.'-'.$dolibarr_main_instance_unique_id;
+			//print $password.'-'.$this->id.'-'.$conf->file->instance_unique_id;
 			$url = $urlwithroot.'/user/passwordforgotten.php?action=validatenewpassword';
-			$url .= '&username='.urlencode($this->login)."&passworduidhash=".urlencode(dol_hash($password.'-'.$this->id.'-'.$dolibarr_main_instance_unique_id));
+			$url .= '&username='.urlencode($this->login)."&passworduidhash=".urlencode(dol_hash($password.'-'.$this->id.'-'.$conf->file->instance_unique_id));
 			if (isModEnabled('multicompany')) {
 				$url .= '&entity='.(!empty($this->entity) ? $this->entity : 1);
 			}
@ -3894,10 +3894,10 @@ class User extends CommonObject
 	 */
 	public function getOnlineVirtualCardUrl($mode = '', $typeofurl = 'external')
 	{
-		global $dolibarr_main_instance_unique_id, $dolibarr_main_url_root;
+		global $dolibarr_main_url_root;
 		global $conf;

-		$encodedsecurekey = dol_hash($dolibarr_main_instance_unique_id.'uservirtualcard'.$this->id.'-'.$this->login, 'md5');
+		$encodedsecurekey = dol_hash($conf->file->instance_unique_id.'uservirtualcard'.$this->id.'-'.$this->login, 'md5');
 		if (isModEnabled('multicompany')) {
 			$entity_qr = '&entity='.((int) $conf->entity);
 		} else {
--- a/htdocs/user/passwordforgotten.php
+++ b/htdocs/user/passwordforgotten.php
@ -94,10 +94,10 @@ if (empty($reshook)) {
 		if ($result < 0) {
 			$message = '<div class="error">'.dol_escape_htmltag($langs->trans("ErrorTechnicalError")).'</div>';
 		} else {
-			global $dolibarr_main_instance_unique_id;
+			global $conf;

-			//print $edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id.' '.$passworduidhash;
-			if ($edituser->pass_temp && dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$dolibarr_main_instance_unique_id, $passworduidhash)) {
+			//print $edituser->pass_temp.'-'.$edituser->id.'-'.$conf->file->instance_unique_id.' '.$passworduidhash;
+			if ($edituser->pass_temp && dol_verifyHash($edituser->pass_temp.'-'.$edituser->id.'-'.$conf->file->instance_unique_id, $passworduidhash)) {
 				// Clear session
 				unset($_SESSION['dol_login']);
 				$_SESSION['dol_loginmesg'] = '<!-- warning -->'.$langs->transnoentitiesnoconv('NewPasswordValidated'); // Save message for the session page