From f68122272dcca8694ccac70578b0fc35d3d70e06 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 23 Mar 2009 16:31:48 -0400
Subject: [PATCH] Changed default encryption method for ispconfig controlpanel users from md5 to crypt-md5.

---
 interface/web/login/index.php |   27 +++++++++++++++++++++++----
 1 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/interface/web/login/index.php b/interface/web/login/index.php
index 36a3c3a..77fdf49 100644
--- a/interface/web/login/index.php
+++ b/interface/web/login/index.php
@@ -58,8 +58,8 @@
 		if(count($_POST) > 0) {
 			
 			//** Check variables
-			if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) $error = 'Username contains unallowed characters or is longer then 64 characters.';
-			if(!preg_match("/^.{1,64}$/i", $_POST['passwort'])) $error = 'The password length is > 64 characters.';
+			if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) $error = $app->lng('user_regex_error');
+			if(!preg_match("/^.{1,64}$/i", $_POST['passwort'])) $error = $app->lng('pw_error_length');
 			
 	        //** iporting variables
 	        $ip 	  = $app->db->quote(ip2long($_SERVER['REMOTE_ADDR']));
@@ -105,10 +105,29 @@
 	        	} else {
 					if ($loginAs){
 			        	$sql = "SELECT * FROM sys_user WHERE USERNAME = '$username' and PASSWORT = '". $passwort. "'";
+						$user = $app->db->queryOneRecord($sql);
 					} else {
-			        	$sql = "SELECT * FROM sys_user WHERE USERNAME = '$username' and ( PASSWORT = '".md5($passwort)."' or PASSWORT = password('$passwort') )";
+			        	$sql = "SELECT * FROM sys_user WHERE USERNAME = '$username'";
+						$user = $app->db->queryOneRecord($sql);
+						if($user && $user['active'] == 1) {
+							$saved_password = stripslashes($user['passwort']);
+							if(substr($saved_password,0,3) == '$1$') {
+								//* The password is crypt-md5 encrypted
+								$salt = '$1$'.substr($saved_password,3,8).'$';
+								if(crypt($passwort,$salt) != $saved_password) {
+									$user = false;
+								}
+							} else {
+								//* The password is md5 encrypted
+								if(md5($passwort) != $saved_password) {
+									$user = false;
+								}
+							}
+						} else {
+							$user = false;
+						}
 					}
-		            $user = $app->db->queryOneRecord($sql);
+		            
 		            if($user) {
 		                if($user['active'] == 1) {
 		                	// User login right, so attempts can be deleted

--
Gitblit v1.9.1