From 5764f8edda74ef79bdae1c240b36b54c9790fa7c Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 29 May 2012 05:10:41 -0400
Subject: [PATCH] Fixed: FS#2263 - Password does not get encrypted properly when the soap database update function is used
---
interface/lib/classes/remoting_lib.inc.php | 16 +++++++++-------
1 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index f9b6e72..d100f15 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -608,17 +608,19 @@
$sql_insert_val .= "'".$record[$key]."', ";
}
} else {
+
if($field['formtype'] == 'PASSWORD') {
- if($field['encryption'] == 'CRYPT') {
+ if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
$record[$key] = $app->auth->crypt_password(stripslashes($record[$key]));
- } elseif ($field['encryption'] == 'MYSQL') {
- $sql_insert_val .= "PASSWORD('".$app->db->quote($record[$key])."'), ";
- } elseif ($field['encryption'] == 'CLEARTEXT') {
- $sql_insert_val .= "'".$app->db->quote($record[$key])."', ";
+ $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
+ } elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
+ $sql_update .= "`$key` = PASSWORD('".$app->db->quote($record[$key])."'), ";
+ } elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
+ $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
} else {
- $record[$key] = md5($record[$key]);
+ $record[$key] = md5(stripslashes($record[$key]));
+ $sql_update .= "`$key` = '".$app->db->quote($record[$key])."', ";
}
- $sql_update .= "`$key` = '".$record[$key]."', ";
} elseif ($field['formtype'] == 'CHECKBOX') {
if($record[$key] == '') {
// if a checkbox is not set, we set it to the unchecked value
--
Gitblit v1.9.1