Fix: Encryption of password in file

htdocs/admin/security.php

@@ -18,10 +18,10 @@
  */
 
 /**
-	    \file       htdocs/admin/security.php
-        \ingroup    setup
-        \brief      Page de configuration du module s<>curit<69>
-		\version    $Id$
+ *		\file       htdocs/admin/security.php
+ *      \ingroup    setup
+ *      \brief      Page de configuration du module s<>curit<69>
+ *		\version    $Id$
  */
 
 require("./pre.inc.php");
@@ -95,7 +95,8 @@ if ($_GET["action"] == 'activate_encryptdbpassconf')
 	$result = encodedecode_dbpassconf(1);
 	if ($result > 0)
 	{
-		dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
+		// database value not required
+		//dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
 		Header("Location: security.php");
 		exit;
 	}
@@ -109,7 +110,8 @@ else if ($_GET["action"] == 'disable_encryptdbpassconf')
 	$result = encodedecode_dbpassconf(0);
 	if ($result > 0)
 	{
-		dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED");
+		// database value not required
+		//dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED");
 		Header("Location: security.php");
 		exit;
 	}
@@ -311,25 +313,30 @@ $var=!$var;
 print "<tr ".$bc[$var].">";
 print '<td colspan="3">'.$langs->trans("MainDbPasswordFileConfEncrypted").'</td>';
 print '<td align="center" width="60">';
-if($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 1)
+if (! empty($dolibarr_main_db_encrypted_pass))
 {
 	print img_tick();
 }
 
 print '</td>';
 
-if ($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 0)
-{
 print '<td align="center" width="100">';
+if (empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) 
+{
+	print img_warning($langs->trans("WarningPassIsEmpty"));
+}
+else
+{
+	if (empty($dolibarr_main_db_encrypted_pass))
+	{
 		print '<a href="security.php?action=activate_encryptdbpassconf">'.$langs->trans("Activate").'</a>';
-	print "</td>";
 	}
-if($conf->global->MAIN_DATABASE_PWD_CONFIG_ENCRYPTED == 1)
+	if (! empty($dolibarr_main_db_encrypted_pass))
 	{
-	print '<td align="center" width="100">';
 		print '<a href="security.php?action=disable_encryptdbpassconf">'.$langs->trans("Disable").'</a>';
-	print "</td>";
 	}
+}
+print "</td>";
 
 print "</td>";
 print '</tr>';

htdocs/install/etape5.php

@@ -87,12 +87,12 @@ pHeader($langs->trans("SetupEnd"),"etape5");
 
 if ($_POST["action"] == "set" || $_POST["action"] == "upgrade")
 {
+    require_once(DOL_DOCUMENT_ROOT ."/lib/functions.lib.php");
     
     print '<table cellspacing="0" cellpadding="2" width="100%">';
     $error=0;
     
-    // on d<>code le mot de passe de la base si besoin
-    require_once(DOL_DOCUMENT_ROOT ."/lib/functions.lib.php");
+	// decode database pass if needed
     if (! empty($dolibarr_main_db_encrypted_pass))
     {
 		require_once(DOL_DOCUMENT_ROOT ."/lib/security.lib.php");

htdocs/install/upgrade2.php

@@ -74,7 +74,7 @@ if (isset($_POST['action']) && $_POST['action'] == 'upgrade')
 
 	print '<table cellspacing="0" cellpadding="1" border="0" width="100%">';
 
-	// on decode le mot de passe de la base si besoin
+	// decode database pass if needed
 	if (! empty($dolibarr_main_db_encrypted_pass))
 	{
 		require_once($dolibarr_main_document_root."/lib/security.lib.php");

htdocs/lib/admin.lib.php

@@ -294,13 +294,13 @@ function dolibarr_get_const($db, $name)
 
 
 /**
-   \brief      	Insertion d'une constante dans la base de données.
+   \brief      	Insertion d'une constante dans la base de donnees.
    \sa			dolibarr_del_const, dolibarr_get_const
-   \param	    db          Handler d'accés base
+   \param	    db          Handler d'acces base
    \param	    name		Nom de la constante
    \param	    value		Valeur de la constante
-   \param	    type		Type de constante (chaine par défaut)
-   \param	    visible	    La constante est elle visible (0 par défaut)
+   \param	    type		Type de constante (chaine par defaut)
+   \param	    visible	    La constante est elle visible (0 par defaut)
    \param	    note		Explication de la constante
    \return     	int         -1 if KO, 1 if OK
 */

htdocs/lib/security.lib.php

@@ -53,11 +53,13 @@ function makesalt($type=CRYPT_SALT_LENGTH)
 }
 
 /**
-   \brief   Encode\decode database password in config file
-   \param   level    Encode level : 0 no enconding, 1 encoding
+ *  \brief   	Encode\decode database password in config file
+ *  \param   	level   Encode level : 0 no enconding, 1 encoding
+ *	\return		int		<0 if KO, >0 if OK	
  */
 function encodedecode_dbpassconf($level=0)
 {
+	dolibarr_syslog("security.lib::encodedecode_dbpassconf level=".$level, LOG_DEBUG);
 	$config = '';
 
 	if ($fp = fopen(DOL_DOCUMENT_ROOT.'/conf/conf.php','r'))
@@ -95,19 +97,21 @@ function encodedecode_dbpassconf($level=0)
 		}
 		else
 		{
+			dolibarr_syslog("security.lib::encodedecode_dbpassconf Failed to open conf.php file for writing", LOG_WARNING);
 			return -1;
 		}
 	}
 	else
 	{
+		dolibarr_syslog("security.lib::encodedecode_dbpassconf Failed to read conf.php", LOG_ERR);
 		return -2;
 	}
 }
 
 /**
- \brief   Encode une chaine de caract<63>re
- \param   chain    chaine de caract<63>res a encoder
- \return  string_coded  chaine de caract<63>res encod<6F>e
+ *	\brief   Encode une chaine de caract<63>re
+ *	\param   chaine			chaine de caract<63>res a encoder
+ *	\return  string_coded  	chaine de caract<63>res encod<6F>e
  */
 function dol_encode($chain)
 {
@@ -121,9 +125,9 @@ function dol_encode($chain)
 }
 
 /**
- \brief   Decode une chaine de caract<63>re
- \param   chain    chaine de caract<63>res a decoder
- \return  string_coded  chaine de caract<63>res decod<6F>e
+ *	\brief   Decode une chaine de caract<63>re
+ *	\param   chain    chaine de caract<63>res a decoder
+ *	\return  string_coded  chaine de caract<63>res decod<6F>e
  */
 function dol_decode($chain)
 {