moparisthebest/user_sql
1
0
Fork 0
mirror of https://github.com/moparisthebest/user_sql synced 2024-11-28 11:52:19 -05:00
Code Issues Releases Wiki Activity

A few bugfixes, especially for MD5Crypt and password changing

Browse Source
This commit is contained in:
Andreas Boehler 2012-12-20 15:01:12 +01:00
parent a773180ff8
commit 539c4b56ef
1 changed files with 26 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
user_sql.php
View File

@ -113,7 +113,7 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface {
return false; return false;
} }
$old_password = $row[$this->sql_column_password]; $old_password = $row[$this->sql_column_password];
$enc_password = pacrypt($password, $old_password); $enc_password = $this->pacrypt($password, $old_password);
$query = "UPDATE $this->sql_table SET $this->sql_column_password = :enc_password WHERE $this->sql_column_username = :uid"; $query = "UPDATE $this->sql_table SET $this->sql_column_password = :enc_password WHERE $this->sql_column_username = :uid";
OC_Log::write('OC_USER_SQL', "Preapring query: $query", OC_Log::DEBUG); OC_Log::write('OC_USER_SQL', "Preapring query: $query", OC_Log::DEBUG);
$result = $this->db->prepare($query); $result = $this->db->prepare($query);
@ -380,7 +380,7 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface {
// Call: md5crypt (string cleartextpassword) // Call: md5crypt (string cleartextpassword)
// //
function md5crypt ($pw, $salt="", $magic="") private function md5crypt ($pw, $salt="", $magic="")
{ {
$MAGIC = "$1$"; $MAGIC = "$1$";
@ -391,7 +391,7 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface {
$salt = substr ($salt, 0, 8); $salt = substr ($salt, 0, 8);
$ctx = $pw . $magic . $salt; $ctx = $pw . $magic . $salt;
$final = $this->hex2bin (md5 ($pw . $salt . $pw)); $final = $this->pahex2bin (md5 ($pw . $salt . $pw));
for ($i=strlen ($pw); $i>0; $i-=16) for ($i=strlen ($pw); $i>0; $i-=16)
{ {
@ -412,7 +412,7 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface {
else $ctx .= $pw[0]; else $ctx .= $pw[0];
$i = $i >> 1; $i = $i >> 1;
} }
$final = $this->hex2bin (md5 ($ctx)); $final = $this->pahex2bin (md5 ($ctx));
for ($i=0;$i<1000;$i++) for ($i=0;$i<1000;$i++)
{ {
@ -435,7 +435,7 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface {
{ {
$ctx1 .= $pw; $ctx1 .= $pw;
} }
$final = $this->hex2bin (md5 ($ctx1)); $final = $this->pahex2bin (md5 ($ctx1));
} }
$passwd = ""; $passwd = "";
$passwd .= $this->to64 (((ord ($final[0]) << 16) | (ord ($final[6]) << 8) | (ord ($final[12]))), 4); $passwd .= $this->to64 (((ord ($final[0]) << 16) | (ord ($final[6]) << 8) | (ord ($final[12]))), 4);
@ -447,14 +447,33 @@ class OC_USER_SQL extends OC_User_Backend implements OC_User_Interface {
return "$magic$salt\$$passwd"; return "$magic$salt\$$passwd";
} }
function create_salt () private function create_salt ()
{ {
srand ((double) microtime ()*1000000); srand ((double) microtime ()*1000000);
$salt = substr (md5 (rand (0,9999999)), 0, 8); $salt = substr (md5 (rand (0,9999999)), 0, 8);
return $salt; return $salt;
} }
function to64 ($v, $n) private function pahex2bin ($str)
{
if(function_exists('hex2bin'))
{
return hex2bin($str);
}
else
{
$len = strlen ($str);
$nstr = "";
for ($i=0;$i<$len;$i+=2)
{
$num = sscanf (substr ($str,$i,2), "%x");
$nstr.=chr ($num[0]);
}
return $nstr;
}
}
private function to64 ($v, $n)
{ {
$ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; $ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
$ret = ""; $ret = "";