forked from Wavyzz/dolibarr
Ajout d'une option permettant d'encrypter le mot de passe de la base de donnes dans le fichier conf.php
This commit is contained in:
Regis Houssin
@@ -87,6 +87,21 @@ else if ($_GET["action"] == 'disable_encrypt')
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($_GET["action"] == 'activate_encryptdbpassconf')
|
||||
{
|
||||
dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
|
||||
$result = encodedecode_dbpassconf(1);
|
||||
Header("Location: security.php");
|
||||
exit;
|
||||
}
|
||||
else if ($_GET["action"] == 'disable_encryptdbpassconf')
|
||||
{
|
||||
dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED");
|
||||
$result = encodedecode_dbpassconf(0);
|
||||
Header("Location: security.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Affichage onglet
|
||||
*/
|
||||
@@ -198,8 +213,8 @@ print "<input type=\"hidden\" name=\"action\" value=\"encrypt\">";
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
print '<td colspan="2">'.$langs->trans("Encryption").'</td>';
|
||||
print '<td>'.$langs->trans("Activated").'</td>';
|
||||
print '<td colspan="3">'.$langs->trans("Encryption").'</td>';
|
||||
print '<td align="center">'.$langs->trans("Activated").'</td>';
|
||||
if ($conf->global->DATABASE_PWD_ENCRYPTED == 0 || $allow_disable_encryption)
|
||||
{
|
||||
print '<td align="center">'.$langs->trans("Action").'</td>';
|
||||
@@ -207,8 +222,7 @@ if ($conf->global->DATABASE_PWD_ENCRYPTED == 0 || $allow_disable_encryption)
|
||||
print '</tr>';
|
||||
|
||||
print "<tr ".$bc[$var].">";
|
||||
print '<td>'.$langs->trans("DoNotStoreClearPassword").'</td>';
|
||||
print '<td> </td>';
|
||||
print '<td colspan="3">'.$langs->trans("DoNotStoreClearPassword").'</td>';
|
||||
print '<td align="center" width="20">';
|
||||
if($conf->global->DATABASE_PWD_ENCRYPTED == 1)
|
||||
{
|
||||
@@ -234,6 +248,36 @@ if($conf->global->DATABASE_PWD_ENCRYPTED == 1 && $allow_disable_encryption)
|
||||
print "</td>";
|
||||
print '</tr>';
|
||||
|
||||
|
||||
// Cryptage du mot de base de la base dans conf.php
|
||||
|
||||
print "<tr ".$bc[$var].">";
|
||||
print '<td colspan="2">'.$langs->trans("MainDbPasswordFileConfEncrypted").'</td>';
|
||||
//print '<td> </td>';
|
||||
print '<td align="center" width="20">';
|
||||
if($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 1)
|
||||
{
|
||||
print img_tick();
|
||||
}
|
||||
|
||||
print '</td>';
|
||||
|
||||
if ($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 0)
|
||||
{
|
||||
print '<td align="center" width="100">';
|
||||
print '<a href="security.php?action=activate_encryptdbpassconf">'.$langs->trans("Activate").'</a>';
|
||||
print "</td>";
|
||||
}
|
||||
if($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 1)
|
||||
{
|
||||
print '<td align="center" width="100">';
|
||||
print '<a href="security.php?action=disable_encryptdbpassconf">'.$langs->trans("Disable").'</a>';
|
||||
print "</td>";
|
||||
}
|
||||
|
||||
print "</td>";
|
||||
print '</tr>';
|
||||
|
||||
print '</table>';
|
||||
print '</form>';
|
||||
|
||||
|
||||
@@ -93,6 +93,7 @@ Required=Required
|
||||
Security=Security
|
||||
Passwords=Passwords
|
||||
DoNotStoreClearPassword=Do no store clear passwords in database
|
||||
MainDbPasswordFileConfEncrypted=Password of the database encrypted in conf.php
|
||||
Feature=Feature
|
||||
DolibarrLicense=License
|
||||
DolibarrProjectLeader=Project leader
|
||||
|
||||
@@ -93,6 +93,7 @@ Required=Requis
|
||||
Security=S<>curit<69>
|
||||
Passwords=Mots de passe
|
||||
DoNotStoreClearPassword=Ne pas stocker de mot de passe en clair dans la base
|
||||
MainDbPasswordFileConfEncrypted=Encrypter le mot de passe de la base dans le fichier conf.php
|
||||
Feature=Fonction
|
||||
DolibarrLicense=Licence
|
||||
DolibarrProjectLeader=Chef de projet
|
||||
|
||||
@@ -2402,4 +2402,102 @@ function _dol_htmlentities($stringtoencode,$isstringalreadyhtml)
|
||||
return $stringtoencode;
|
||||
}
|
||||
|
||||
/**
|
||||
\brief Encode\decode le mot de passe de la base de donn<6E>es dans le fichier de conf
|
||||
\param level niveau d'encodage : 0 non encod<6F>, 1 encod<6F>
|
||||
*/
|
||||
function encodedecode_dbpassconf($level=0)
|
||||
{
|
||||
global $conf;
|
||||
|
||||
$config = '';
|
||||
|
||||
if ($fp = fopen(DOL_DOCUMENT_ROOT.'/conf/conf.php','r'))
|
||||
{
|
||||
while(!feof($fp))
|
||||
{
|
||||
$buffer = fgets($fp,4096);
|
||||
if (strstr($buffer,"\$dolibarr_main_db_encrypted_pass"))
|
||||
{
|
||||
if ($level == 0)
|
||||
{
|
||||
$config .= "\$dolibarr_main_db_encrypted_pass=0;\n";
|
||||
}
|
||||
else if ($level == 1)
|
||||
{
|
||||
$config .= "\$dolibarr_main_db_encrypted_pass=1;\n";
|
||||
}
|
||||
}
|
||||
else if (strstr($buffer,"\$dolibarr_main_db_pass"))
|
||||
{
|
||||
$passwd = strstr($buffer,"$dolibarr_main_db_pass=");
|
||||
$passwd = substr(substr($passwd,2),0,-3);
|
||||
if ($level == 0)
|
||||
{
|
||||
$passwd = dolibarr_decode($passwd);
|
||||
}
|
||||
else if ($level == 1)
|
||||
{
|
||||
$passwd = dolibarr_encode($passwd);
|
||||
}
|
||||
$config .= "\$dolibarr_main_db_pass=\"$passwd\";\n";
|
||||
}
|
||||
else
|
||||
{
|
||||
$config .= $buffer;
|
||||
}
|
||||
}
|
||||
fclose($fp);
|
||||
|
||||
if ($fp = fopen(DOL_DOCUMENT_ROOT.'/conf/conf.php','w'))
|
||||
{
|
||||
fputs($fp, $config, strlen($config));
|
||||
fclose($fp);
|
||||
return 1;
|
||||
}
|
||||
else
|
||||
{
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return -2;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
\brief Encode une chaine de caract<63>re
|
||||
\param chain chaine de caract<63>res <20> encoder
|
||||
\return string_coded chaine de caract<63>res encod<6F>e
|
||||
*/
|
||||
function dolibarr_encode($chain)
|
||||
{
|
||||
for($i=0;$i<strlen($chain);$i++)
|
||||
{
|
||||
$output_tab[$i] = chr(ord(substr($chain,$i,1))+17);
|
||||
}
|
||||
|
||||
$string_coded = base64_encode(implode ("",$output_tab));
|
||||
return $string_coded;
|
||||
}
|
||||
|
||||
/**
|
||||
\brief Decode une chaine de caract<63>re
|
||||
\param chain chaine de caract<63>res <20> decoder
|
||||
\return string_coded chaine de caract<63>res decod<6F>e
|
||||
*/
|
||||
function dolibarr_decode($chain)
|
||||
{
|
||||
$chain = base64_decode($chain);
|
||||
|
||||
for($i=0;$i<strlen($chain);$i++)
|
||||
{
|
||||
$output_tab[$i] = chr(ord(substr($chain,$i,1))-17);
|
||||
}
|
||||
|
||||
$string_decoded = implode ("",$output_tab);
|
||||
return $string_decoded;
|
||||
}
|
||||
|
||||
?>
|
||||
|
||||
@@ -84,7 +84,13 @@ define('DOL_URL_ROOT', $pos); // URL racine relative
|
||||
/*
|
||||
* Creation objet $conf
|
||||
*/
|
||||
|
||||
// on d<>code le mot de passe de la base si besoin
|
||||
require_once(DOL_DOCUMENT_ROOT ."/lib/functions.inc.php");
|
||||
if ($dolibarr_main_db_encrypted_pass == 1) $dolibarr_main_db_pass = dolibarr_decode($dolibarr_main_db_pass);
|
||||
|
||||
require_once(DOL_DOCUMENT_ROOT."/conf/conf.class.php");
|
||||
|
||||
$conf = new Conf();
|
||||
$conf->db->host = $dolibarr_main_db_host;
|
||||
$conf->db->name = $dolibarr_main_db_name;
|
||||
@@ -106,7 +112,6 @@ if (isset($_SERVER["HTTP_USER_AGENT"]))
|
||||
}
|
||||
|
||||
// Chargement des includes principaux
|
||||
require_once(DOL_DOCUMENT_ROOT ."/lib/functions.inc.php");
|
||||
require_once(DOL_DOCUMENT_ROOT ."/user.class.php");
|
||||
require_once(DOL_DOCUMENT_ROOT ."/menu.class.php");
|
||||
require_once(DOL_DOCUMENT_ROOT ."/html.form.class.php");
|
||||
|
||||
Reference in New Issue
Block a user