maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add function to validate different password-hashes and update them to the currently set hash if login successfull and hash differs, set default hash to SHA256, fixes #1289 - add custom-notes field to admin/customer, fixes #1471 - set version to 0.9.33-rc2 for upcoming second release-candidate

Browse Source 
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
2015-01-28 13:24:36 +01:00
parent 7904946862
commit 36c7527b2a
4 changed files with 31 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
index.php
View File

@@ -118,7 +118,7 @@ if ($action == 'login') {
if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) { if ($userinfo['loginfail_count'] >= Settings::Get('login.maxloginattempts') && $userinfo['lastlogin_fail'] > (time() - Settings::Get('login.deactivatetime'))) {
redirectTo('index.php', array('showmessage' => '3')); redirectTo('index.php', array('showmessage' => '3'));
exit; exit;
} elseif ($userinfo['password'] == md5($password)) { } elseif (validatePasswordLogin($userinfo, $password, $table, $uid)) {
// login correct // login correct
// reset loginfail_counter, set lastlogin_succ // reset loginfail_counter, set lastlogin_succ
$stmt = Database::prepare("UPDATE $table $stmt = Database::prepare("UPDATE $table

9
install/froxlor.sql
View File

@@ -91,7 +91,7 @@ DROP TABLE IF EXISTS `panel_admins`;
CREATE TABLE `panel_admins` ( CREATE TABLE `panel_admins` (
`adminid` int(11) unsigned NOT NULL auto_increment, `adminid` int(11) unsigned NOT NULL auto_increment,
`loginname` varchar(50) NOT NULL default '', `loginname` varchar(50) NOT NULL default '',
`password` varchar(50) NOT NULL default '', `password` varchar(255) NOT NULL default '',
`name` varchar(255) NOT NULL default '', `name` varchar(255) NOT NULL default '',
`email` varchar(255) NOT NULL default '', `email` varchar(255) NOT NULL default '',
`def_language` varchar(255) NOT NULL default '', `def_language` varchar(255) NOT NULL default '',
@@ -143,7 +143,7 @@ DROP TABLE IF EXISTS `panel_customers`;
CREATE TABLE `panel_customers` ( CREATE TABLE `panel_customers` (
`customerid` int(11) unsigned NOT NULL auto_increment, `customerid` int(11) unsigned NOT NULL auto_increment,
`loginname` varchar(50) NOT NULL default '', `loginname` varchar(50) NOT NULL default '',
`password` varchar(50) NOT NULL default '', `password` varchar(255) NOT NULL default '',
`adminid` int(11) unsigned NOT NULL default '0', `adminid` int(11) unsigned NOT NULL default '0',
`name` varchar(255) NOT NULL default '', `name` varchar(255) NOT NULL default '',
`firstname` varchar(255) NOT NULL default '', `firstname` varchar(255) NOT NULL default '',
@@ -492,7 +492,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'phpreload_command', ''), ('system', 'phpreload_command', ''),
('system', 'apache24', '0'), ('system', 'apache24', '0'),
('system', 'documentroot_use_default_value', '0'), ('system', 'documentroot_use_default_value', '0'),
('system', 'passwordcryptfunc', '1'), ('system', 'passwordcryptfunc', '3'),
('system', 'axfrservers', ''), ('system', 'axfrservers', ''),
('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'), ('system', 'customer_ssl_path', '/etc/ssl/froxlor-custom/'),
('system', 'allow_error_report_admin', '1'), ('system', 'allow_error_report_admin', '1'),
@@ -507,6 +507,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php5 -q'), ('system', 'croncmdline', '/usr/bin/nice -n 5 /usr/bin/php5 -q'),
('system', 'cron_allowautoupdate', '0'), ('system', 'cron_allowautoupdate', '0'),
('system', 'dns_createhostnameentry', '0'), ('system', 'dns_createhostnameentry', '0'),
('system', 'send_cron_errors', '0'),
('panel', 'decimal_places', '4'), ('panel', 'decimal_places', '4'),
('panel', 'adminmail', 'admin@SERVERNAME'), ('panel', 'adminmail', 'admin@SERVERNAME'),
('panel', 'phpmyadmin_url', ''), ('panel', 'phpmyadmin_url', ''),
@@ -537,7 +538,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES
('panel', 'password_numeric', '0'), ('panel', 'password_numeric', '0'),
('panel', 'password_special_char_required', '0'), ('panel', 'password_special_char_required', '0'),
('panel', 'password_special_char', '!?<>§$%+#=@'), ('panel', 'password_special_char', '!?<>§$%+#=@'),
('panel', 'version', '0.9.33-rc1'); ('panel', 'version', '0.9.33-rc2');
DROP TABLE IF EXISTS `panel_tasks`; DROP TABLE IF EXISTS `panel_tasks`;

24
install/updates/froxlor/0.9/update_0.9.inc.php
View File

@@ -2852,3 +2852,27 @@ if (isFroxlorVersion('0.9.33-dev3')) {
updateToVersion('0.9.33-rc1'); updateToVersion('0.9.33-rc1');
} }
if (isFroxlorVersion('0.9.33-rc1')) {
showUpdateStep("Updating from 0.9.33-rc1 to 0.9.33-rc2", false);
showUpdateStep("Add new setting for sending cron-errors via mail");
$sendcronerrors = isset($_POST['system_send_cron_errors']) ? (int)$_POST['system_send_cron_errors'] : "0";
Settings::addNew('system.send_cron_errors', $sendcronerrors);
lastStepStatus(0);
showUpdateStep("Add new custom-notes field for admins and customer");
Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `custom_notes` text AFTER `theme`");
Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` ADD `custom_notes_show` tinyint(1) NOT NULL default '0' AFTER `custom_notes`");
Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `custom_notes` text AFTER `theme`");
Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` ADD `custom_notes_show` tinyint(1) NOT NULL default '0' AFTER `custom_notes`");
lastStepStatus(0);
// go from varchar(50) to varchar(255) because of some hashes that are longer than that
showUpdateStep("Updating table structure of admins and customers");
Database::query("ALTER TABLE `".TABLE_PANEL_ADMINS."` MODIFY `password` varchar(255) NOT NULL default ''");
Database::query("ALTER TABLE `".TABLE_PANEL_CUSTOMERS."` MODIFY `password` varchar(255) NOT NULL default ''");
lastStepStatus(0);
updateToVersion('0.9.33-rc2');
}

2
lib/tables.inc.php
View File

@@ -51,6 +51,6 @@ define('TABLE_PANEL_DOMAIN_SSL_SETTINGS', 'domain_ssl_settings');
define('TABLE_DOMAINTOIP', 'panel_domaintoip'); define('TABLE_DOMAINTOIP', 'panel_domaintoip');
// VERSION INFO // VERSION INFO
$version = '0.9.33-rc1'; $version = '0.9.33-rc2';
$dbversion = '2'; $dbversion = '2';
$branding = ''; $branding = '';