lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Ajout: option d'encryption md5 des mots de passe dans la base, option inactive par dfaut

Browse Source
This commit is contained in:
Regis Houssin 2006-10-16 22:38:56 +00:00
parent fcc2a026a2
commit ab0c3f5e6e
3 changed files with 76 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
htdocs/admin/security.php
View File

@ -50,6 +50,18 @@ if ($_GET["action"] == 'setgeneraterule')
}
}
if ($_GET["action"] == 'activate_encrypt')
{
dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1");
Header("Location: security.php");
exit;
}
else if ($_GET["action"] == 'disable_encrypt')
{
dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED");
Header("Location: security.php");
exit;
}
/*
* Affichage onglet
@ -138,15 +150,50 @@ foreach ($arrayhandler as $key => $module)
}
print "</td></tr>\n";
}
print '</table>';
print '</form>';
print '<br>';
// Bon de livraison activation/desactivation
$var=!$var;
print "<form method=\"post\" action=\"security.php\">";
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("Encryption").'</td>';
print '<td>&nbsp;</td>';
print '<td align="center">'.$langs->trans("Activated").'</td>';
print '</tr>';
print "<input type=\"hidden\" name=\"action\" value=\"encrypt\">";
print "<tr ".$bc[$var].">";
print '<td>'.$langs->trans("EncryptedPasswordInDatabase").'</td>';
print '<td>&nbsp;</td>';
print '<td align="center" width="20">';
if($conf->global->DATABASE_PWD_ENCRYPTED == 1)
{
print img_tick();
}
print '</td>';
print '<td align="center" width="100">';
if($conf->global->DATABASE_PWD_ENCRYPTED == 0)
{
print '<a href="security.php?action=activate_encrypt">'.$langs->trans("Activate").'</a>';
}
else if($conf->global->DATABASE_PWD_ENCRYPTED == 1)
{
print '<a href="security.php?action=disable_encrypt">'.$langs->trans("Disable").'</a>';
}
print "</td>";
print '</tr>';
print '</table>';
print '</form>';
//print '<tr><td colspan="2" align="center"><input type="submit" class="button" value="'.$langs->trans("Save").'"></td></tr>';
print '</form>';
print '</div>';
$db->close();

11
htdocs/main.inc.php
View File

@ -106,12 +106,21 @@ if (! session_id() && ! isset($_SESSION["dol_user"]) && ! isset($_SESSION["dol_
$pear = $dolibarr_main_db_type.'://'.$dolibarr_main_db_user.':'.$dolibarr_main_db_pass.'@'.$dolibarr_main_db_host.'/'.$dolibarr_main_db_name;
if ($conf->global->DATABASE_PWD_ENCRYPTED)
{
$cryptType = "md5";
}
else
{
$cryptType = "none";
}
$params = array(
"dsn" => $pear,
"table" => MAIN_DB_PREFIX."user",
"usernamecol" => "login",
"passwordcol" => "pass",
"cryptType" => "none",
"cryptType" => $cryptType,
);
$aDol = new DOLIAuth("DB", $params, "dol_loginfunction");

16
htdocs/user.class.php
View File

@ -62,6 +62,7 @@ class User
var $admin;
var $login;
var $pass;
var $oldpass;
var $datec;
var $datem;
var $societe_id;
@ -776,11 +777,24 @@ class User
{
global $langs;
// Nettoyage parametres
$this->nom=trim($this->nom);
$this->prenom=trim($this->prenom);
$this->login=trim($this->login);
$this->pass=trim($this->pass);
if ($conf->global->DATABASE_PWD_ENCRYPTED)
{
$this->pass=trim($this->pass);
if ($this->oldpass != $this->pass)
{
$this->pass = md5($this->pass);
}
}
else
{
$this->pass=trim($this->pass);
}
$this->email=trim($this->email);
$this->note=trim($this->note);
$this->admin=$this->admin?$this->admin:0;