From f5d9544164b039001906db98b59c92f7250553fb Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 05 Apr 2011 07:28:45 -0400
Subject: [PATCH] Meerged revisions 2265-2278 from stable branch.

---
 interface/web/client/reseller_edit.php |   19 +++++++++++++++++--
 1 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/interface/web/client/reseller_edit.php b/interface/web/client/reseller_edit.php
index 1c9a2a1..9ab6369 100644
--- a/interface/web/client/reseller_edit.php
+++ b/interface/web/client/reseller_edit.php
@@ -150,9 +150,17 @@
 		$active = 1;
 		$language = $app->db->quote($this->dataRecord["language"]);
 		
+		$salt="$1$";
+		$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+		for ($n=0;$n<8;$n++) {
+			$salt.=$base64_alphabet[mt_rand(0,63)];
+		}
+		$salt.="$";
+		$password = crypt(stripslashes($password),$salt);
+		
 		// Create the controlpaneluser for the reseller
 		$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
-		VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,".$this->id.")";
+		VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,".$this->id.")";
 		$app->db->query($sql);
 		
 		//* set the number of clients to 1
@@ -188,7 +196,14 @@
 		if($conf['demo_mode'] != true && isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
 			$password = $app->db->quote($this->dataRecord["password"]);
 			$client_id = $this->id;
-			$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
+			$salt="$1$";
+			$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+			for ($n=0;$n<8;$n++) {
+				$salt.=$base64_alphabet[mt_rand(0,63)];
+			}
+			$salt.="$";
+			$password = crypt(stripslashes($password),$salt);
+			$sql = "UPDATE sys_user SET passwort = '$password' WHERE client_id = $client_id";
 			$app->db->query($sql);
 		}
 		

--
Gitblit v1.9.1