diff --git a/htdocs/adherents/adherent.class.php b/htdocs/adherents/adherent.class.php
index 64ad0df8b8e..bf1071908a0 100644
--- a/htdocs/adherents/adherent.class.php
+++ b/htdocs/adherents/adherent.class.php
@@ -560,7 +560,7 @@ class Adherent extends CommonObject if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) { // Si mot de passe saisi et different de celui en base - $result=$this->password($user,$this->pass,0,$notrigger); + $result=$this->setPassword($user,$this->pass,0,$notrigger); if (! $nbrowsaffected) $nbrowsaffected++; }
@@ -787,7 +787,7 @@ class Adherent extends CommonObject if ($result >= 0) { - $result=$luser->password($user,$this->pass,$conf->password_encrypted,0,0,1); + $result=$luser->setPassword($user,$this->pass,0,0,1); if ($result < 0) { $this->error=$luser->error;
diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php
index 6dc971f8035..b11471cb554 100644
--- a/htdocs/admin/security.php
+++ b/htdocs/admin/security.php
@@ -17,7 +17,6 @@ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * $Id$ - * $Source$ */ /**
@@ -35,8 +34,8 @@ $langs->load("other"); if (!$user->admin) accessforbidden(); -// Do not allow change to clear model once passwords are crypted -$allow_disable_encryption=false; +// Allow/Disallow change to clear passwords once passwords are crypted +$allow_disable_encryption=true; $mesg = '';
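Review bot: In htdocs/adherents/adherent.class.php the first hunk (@@ -560) now calls `$this->setPassword($user,$this->pass,0,$notrigger)` on an Adherent object, yet no hunk in this diff adds or renames a `setPassword` method in the Adherent class. If Adherent still defines only `password()`, this call and the `$adh->setPassword(...)` call in htdocs/user.class.php (@@ -1205) would stop with an undefined-method error whenever a member password is changed. Either rename the Adherent method in the same commit or keep `$this->password(...)` at this call site. The enclosing update method starts and ends outside the hunk.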
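Review bot: Setting `$allow_disable_encryption=true;` in htdocs/admin/security.php (@@ -35) exposes the Disable link, while the comment kept in the @@ -264 hunk still says disabling is not allowed because stored passwords cannot be decrypted. That reason still applies: setPassword() in htdocs/user.class.php writes `pass = null` while DATABASE_PWD_ENCRYPTED is on, and the login check in htdocs/main.inc.php tests the MD5 field only when the option is on. Accounts whose password was set under encryption may therefore be locked out once it is switched off, unless the compatibility branch below that check (outside the diff) covers them. Keep the default at `false`, or correct the stale comment and state what happens to existing accounts.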
@@ -264,25 +263,25 @@ $var=!$var; print ""; print ''.$langs->trans("DoNotStoreClearPassword").''; print ''; -if($conf->global->DATABASE_PWD_ENCRYPTED == 1) +if ($conf->global->DATABASE_PWD_ENCRYPTED) { print img_tick(); } print ''; -if ($conf->global->DATABASE_PWD_ENCRYPTED == 0) +if (! $conf->global->DATABASE_PWD_ENCRYPTED) { print ''; print ''.$langs->trans("Activate").''; print ""; } -if($conf->global->DATABASE_PWD_ENCRYPTED == 1) +if($conf->global->DATABASE_PWD_ENCRYPTED) { print ''; if ($allow_disable_encryption) { //On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas être décodés - //Do not allow "disable encryption" as passwords cannot be decrypted - print ''.$langs->trans("Disable").''; + //Do not allow "disable encryption" as passwords cannot be decrypted + print ''.$langs->trans("Disable").''; } else {
diff --git a/htdocs/conf/conf.class.php b/htdocs/conf/conf.class.php
index 696300a52b6..dc5f9538df5 100644
--- a/htdocs/conf/conf.class.php
+++ b/htdocs/conf/conf.class.php
@@ -346,9 +346,6 @@ class Conf * Modification de quelques variable de conf en fonction des Constantes */ - // Cryped password in database - $this->password_encrypted=(! empty($this->global->DATABASE_PWD_ENCRYPTED) ? 1 : 0); - // System tools if (! $this->global->SYSTEMTOOLS_MYSQLDUMP) $this->global->SYSTEMTOOLS_MYSQLDUMP="mysqldump";
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index e1b6b0a33fe..2115f8a208b 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -197,17 +197,6 @@ if (! isset($_SESSION["dol_login"])) if (! empty($_POST["username"])) { // If test username/password asked, we define $test=false and $login var if ok, set $_SESSION["dol_loginmesg"] if ko - // \TODO Virer ce test et toujours faire le test sur le champ crypte - if ($conf->password_encrypted) - { - $cryptType = "md5"; - $fieldtotest="pass_crypted"; - } - else - { - $cryptType = "none"; - $fieldtotest="pass"; - } $table = MAIN_DB_PREFIX."user"; $usernamecol = 'login';
@@ -227,10 +216,15 @@ if (! isset($_SESSION["dol_login"])) $passtyped=$_POST["password"]; $passok=false; + + // Check crypted password + $cryptType=''; + if ($conf->global->DATABASE_PWD_ENCRYPTED) $cryptType='md5'; if ($cryptType == 'md5') { if (md5($passtyped) == $passcrypted) $passok=true; } + // For compatibility with old versions if (! $passok) {
diff --git a/htdocs/user.class.php b/htdocs/user.class.php
index 4689e989d0e..c8200b1e177 100644
--- a/htdocs/user.class.php
+++ b/htdocs/user.class.php
@@ -863,7 +863,7 @@ class User extends CommonObject $result=$this->create(); if ($result > 0) { - $result=$this->password($user,$this->pass,$conf->password_encrypted); + $result=$this->setPassword($user,$this->pass); $sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql.= " SET fk_member=".$member->id;
@@ -996,7 +996,7 @@ class User extends CommonObject if ($this->pass != $this->pass_indatabase && $this->pass != $this->pass_indatabase_crypted) { // Si mot de passe saisi et different de celui en base - $result=$this->password($user,$this->pass,$conf->password_encrypted,0,$notrigger); + $result=$this->setPassword($user,$this->pass,0,$notrigger); if (! $nbrowsaffected) $nbrowsaffected++; }
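Review bot: The password test kept in htdocs/main.inc.php (@@ -227), `if (md5($passtyped) == $passcrypted) $passok=true;`, compares digest strings with loose `==`, so two strings that PHP treats as numeric are compared as numbers rather than character by character; use `if (md5($passtyped) === $passcrypted) $passok=true;`. The same loose comparison guards the reset link in htdocs/user/passwordforgotten.php (@@ -68), `md5($edituser->pass_temp) == $_GET["passwordmd5"]`. The new `$cryptType` gate also skips the hash test whenever DATABASE_PWD_ENCRYPTED is off, although the removed TODO asked to always test the crypted field; what the compatibility branch does for accounts that only have `pass_crypted` lies outside the hunk. Unsalted MD5 is a weak password hash and deserves a follow-up migration.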
@@ -1141,20 +1141,19 @@ class User extends CommonObject /** * \brief Change le mot de passe d'un utilisateur * \param user Object user de l'utilisateur qui fait la modification - * \param password Nouveau mot de passe (e generer si non communique) - * \param noclearpassword 0 ou 1 s'il ne faut pas stocker le mot de passe en clair + * \param password Nouveau mot de passe en clair (a generer si non communique) * \param changelater 1=Change password only after clicking on confirm email * \param notrigger 1=Ne declenche pas les triggers * \param nosyncmember Do not synchronize linked member * \return string If OK return clear password, 0 if no change, < 0 if error */ - function password($user, $password='', $noclearpassword=0, $changelater=0, $notrigger=0, $nosyncmember=0) + function setPassword($user, $password='', $changelater=0, $notrigger=0, $nosyncmember=0) { global $conf, $langs; $error=0; - dolibarr_syslog("User::Password user=".$user->id." password=".eregi_replace('.','*',$password)." noclearpassword=".$noclearpassword." changelater=".$changelater." notrigger=".$notrigger); + dolibarr_syslog("User::Password user=".$user->id." password=".eregi_replace('.','*',$password)." changelater=".$changelater." notrigger=".$notrigger); // Si nouveau mot de passe non communique, on genere par module if (! $password)
@@ -1173,7 +1172,7 @@ class User extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."user"; $sql.= " SET pass_crypted = '".addslashes($password_crypted)."',"; $sql.= " pass_temp = null"; - if ($noclearpassword) + if (! empty($conf->global->DATABASE_PWD_ENCRYPTED)) { $sql.= ", pass = null"; }
@@ -1205,7 +1204,7 @@ class User extends CommonObject if ($result >= 0) { - $result=$adh->password($user,$this->pass,0,0,1); // Cryptage non gere dans module adherent + $result=$adh->setPassword($user,$this->pass,0,1); // Cryptage non gere dans module adherent if ($result < 0) { $this->error=$adh->error;
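Review bot: The syslog call in setPassword() (htdocs/user.class.php, @@ -1141) still writes a `password=` field with every character replaced by `*`, which records the length of each new password in the log, and it still names the old method. Drop the field and fix the prefix: `dolibarr_syslog("User::setPassword user=".$user->id." changelater=".$changelater." notrigger=".$notrigger);`. Removing `$noclearpassword` from the middle of the parameter list also re-maps positional arguments for any caller this commit does not touch, so the docblock should say that the third argument is now `changelater`. The function body continues outside the hunk.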
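Review bot: The call `$adh->setPassword($user,$this->pass,0,1);` in htdocs/user.class.php (@@ -1205) drops one argument compared with the old `0,0,1`, but `$adh` is a member object and not a User, so the new User signature does not apply to it. The first hunk of htdocs/adherents/adherent.class.php still passes `0,$notrigger` in positions three and four, which suggests the Adherent method keeps its encryption flag. If so, the `1` now lands in the notrigger position and the no-sync flag is lost, and the member update may call back into User::setPassword. Unless the Adherent signature is changed elsewhere, keep `$result=$adh->setPassword($user,$this->pass,0,0,1);`.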
diff --git a/htdocs/user/fiche.php b/htdocs/user/fiche.php
index b60432de77c..5d6335af233 100644
--- a/htdocs/user/fiche.php
+++ b/htdocs/user/fiche.php
@@ -46,7 +46,7 @@ $candisableperms=($user->admin || $user->rights->user->user->supprimer); // Defini si peux lire/modifier info user ou mot de passe if ($_GET["id"]) { - // $user est le user qui edite, $_GET["id"] est l'id de l'utilisateur edité + // $user est le user qui edite, $_GET["id"] est l'id de l'utilisateur edit� $caneditfield=( (($user->id == $_GET["id"]) && $user->rights->user->self->creer) || (($user->id != $_GET["id"]) && $user->rights->user->user->creer) ); $caneditpassword=( (($user->id == $_GET["id"]) && $user->rights->user->self->password)
@@ -164,7 +164,7 @@ if ($_POST["action"] == 'add' && $canadduser) { if (isset($_POST['password']) && trim($_POST['password'])) { - $edituser->password($user,trim($_POST['password']),$conf->password_encrypted); + $edituser->setPassword($user,trim($_POST['password']),$conf->global->DATABASE_PWD_ENCRYPTED); } $db->commit();
@@ -261,7 +261,7 @@ if ($_POST["action"] == 'update' && ! $_POST["cancel"] && $caneditfield) } if ($ret >= 0 && isset($_POST["password"]) && $_POST["password"] !='') { - $ret=$edituser->password($user,$_POST["password"],$conf->password_encrypted,1); + $ret=$edituser->setPassword($user,$_POST["password"],1); if ($ret < 0) { $message.='
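Review bot: The only change in the @@ -46 hunk of htdocs/user/fiche.php replaces the accented character at the end of the comment (`edité`) with a replacement character, which suggests the file was re-saved in a different encoding. The same corruption is the whole content of the comment-only hunks at @@ -398, -667, -716, -740, -758, -940, -963, -1048, -1094 and -1384. Re-save the file in its original encoding and drop these hunks, so that the commit carries only the setPassword changes and the comments stay readable.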
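Review bot: In the `add` action of htdocs/user/fiche.php (@@ -164) the call `$edituser->setPassword($user,trim($_POST['password']),$conf->global->DATABASE_PWD_ENCRYPTED);` still passes the encryption setting as third argument, but in the new signature that position is `$changelater`. With encryption enabled, the password typed for a new account would therefore be handled as a change pending e-mail confirmation instead of being set. Drop the argument: `$edituser->setPassword($user,trim($_POST['password']));`.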
'.$edituser->error.'
';
@@ -303,7 +303,7 @@ if ((($_POST["action"] == 'confirm_password' && $_POST["confirm"] == 'yes') $edituser = new User($db, $_GET["id"]); $edituser->fetch(); - $newpassword=$edituser->password($user,'',$conf->password_encrypted); + $newpassword=$edituser->setPassword($user,''); if ($newpassword < 0) { // Echec
@@ -398,7 +398,7 @@ if (($action == 'create') || ($action == 'adduserldap')) { /* ************************************************************************** */ /* */ - /* Affichage fiche en mode création */ + /* Affichage fiche en mode cr�ation */ /* */ /* ************************************************************************** */
@@ -667,7 +667,7 @@ if (($action == 'create') || ($action == 'adduserldap')) } print "\n"; - // Autres caractéristiques issus des autres modules + // Autres caract�ristiques issus des autres modules // Module Webcalendar if ($conf->webcal->enabled)
@@ -716,7 +716,7 @@ else $message .= $ldap->error; } - //On vérifie les options du compte + //On v�rifie les options du compte foreach ($ldap->uacf as $key => $statut) { if ($key == 65536)
@@ -740,7 +740,7 @@ else /* - * Confirmation réinitialisation mot de passe + * Confirmation r�initialisation mot de passe */ if ($action == 'password') {
@@ -758,7 +758,7 @@ else } /* - * Confirmation désactivation + * Confirmation d�sactivation */ if ($action == 'disable') {
@@ -940,7 +940,7 @@ else print ''.dolibarr_print_date($fuser->datepreviouslogin,"dayhour").''; print "\n"; - // Autres caractéristiques issus des autres modules + // Autres caract�ristiques issus des autres modules // Module Webcalendar if ($conf->webcal->enabled)
@@ -963,7 +963,7 @@ else print "\n"; } - // Module Adhérent + // Module Adh�rent if ($conf->adherent->enabled) { $langs->load("members");
@@ -1048,7 +1048,7 @@ else print_fiche_titre($langs->trans("ListOfGroupsForUser")); - // On sélectionne les groups + // On s�lectionne les groups $uss = array(); $sql = "SELECT ug.rowid, ug.nom ";
@@ -1094,7 +1094,7 @@ else } /* - * Groupes affectés + * Groupes affect�s */ $sql = "SELECT g.rowid, g.nom "; $sql .= " FROM ".MAIN_DB_PREFIX."usergroup as g";
@@ -1384,7 +1384,7 @@ else print $fuser->getLibStatut(4); print ''; - // Autres caractéristiques issus des autres modules + // Autres caract�ristiques issus des autres modules // Module Webcalendar if ($conf->webcal->enabled)
diff --git a/htdocs/user/passwordforgotten.php b/htdocs/user/passwordforgotten.php
index 5dbb633e9cf..411e8702fe2 100644
--- a/htdocs/user/passwordforgotten.php
+++ b/htdocs/user/passwordforgotten.php
@@ -68,7 +68,7 @@ if ($_GET["action"] == 'validatenewpassword' && $_GET["username"] && $_GET["pass { if (md5($edituser->pass_temp) == $_GET["passwordmd5"]) { - $newpassword=$edituser->password($user,$edituser->pass_temp,$conf->password_encrypted,0); + $newpassword=$edituser->setPassword($user,$edituser->pass_temp,0); dolibarr_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database"); //session_start(); //$_SESSION["loginmesg"]=$langs->trans("PasswordChanged");
@@ -112,7 +112,7 @@ if ($_POST["action"] == 'buildnewpassword' && $_POST["username"]) } else { - $newpassword=$edituser->password($user,'',$conf->password_encrypted,1); + $newpassword=$edituser->setPassword($user,'',1); if ($newpassword < 0) { // Echec