Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix: add md5 password for OpenLdap

Browse Source
This commit is contained in:
Regis Houssin
2017-03-13 15:00:44 +01:00
parent a40142460d
commit 017d73792c
3 changed files with 87 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
htdocs/core/lib/security.lib.php
View File

@@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2008-2011 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2008-2012 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2008-2017 Regis Houssin <regis.houssin@capnetworks.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -74,7 +74,7 @@ function dol_decode($chain)
* If constant MAIN_SECURITY_SALT is defined, we use it as a salt.
*
* @param string $chain String to hash
* @param int $type Type of hash (0:auto, 1:sha1, 2:sha1+md5, 3:md5). Use 3 here, if hash is not needed for security purpose, for security need, prefer 0.
* @param int $type Type of hash (0:auto, 1:sha1, 2:sha1+md5, 3:md5, 4:md5 for OpenLdap). Use 3 here, if hash is not needed for security purpose, for security need, prefer 0.
* @return string Hash of string
*/
function dol_hash($chain,$type=0)
@@ -87,6 +87,7 @@ function dol_hash($chain,$type=0)
if ($type == 1) return sha1($chain);
else if ($type == 2) return sha1(md5($chain));
else if ($type == 3) return md5($chain);
else if ($type == 4) return '{md5}'.base64_encode(mhash(MHASH_MD5,$chain)); // For OpenLdap with md5
else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1') return sha1($chain);
else if (! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'sha1md5') return sha1(md5($chain));
@@ -343,7 +344,7 @@ function restrictedArea($user, $features, $objectid=0, $tableandshare='', $featu
* This function is also called by restrictedArea
*
* @param User $user User to check
* @param array $featuresarray Features/modules to check. Example: ('user','service')
* @param array $featuresarray Features/modules to check. Example: ('user','service')
* @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional).
* @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany modume. Param not used if objectid is null (optional).
* @param string $feature2 Feature to check, second level of permission (optional). Can be or check with 'level1|level2'.
@@ -367,7 +368,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
// For backward compatibility
if ($feature == 'member') $feature='adherent';
$check = array('adherent','banque','user','usergroup','produit','service','produit|service','categorie'); // Test on entity only (Objects with no link to company)
$checksoc = array('societe'); // Test for societe object
$checkother = array('contact'); // Test on entity and link to societe. Allowed if link is empty (Ex: contacts...).