maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

auto-format all files; add table-definitions to test-bootstrap file

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2018-12-21 12:24:07 +01:00
parent 1ff784198c
commit 97b5439c0d
209 changed files with 6840 additions and 4534 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/Froxlor/System/Cronjob.php
View File

@@ -13,7 +13,7 @@ class Cronjob
* Checks if the system's last guid is not higher than the one saved
* in froxlor's database. If it's higher, froxlor needs to
* set its last guid to this one to avoid conflicts with libnss-users
*
*
* @return null
*/
public static function checkLastGuid()

118
lib/Froxlor/System/Crypt.php
View File

@@ -137,7 +137,7 @@ class Crypt
return $available_pwdhashes;
}
/**
* Function validatePassword
*
@@ -145,78 +145,37 @@ class Crypt
* we check against the length, if not matched
* an error message will be output and 'exit' is called
*
* @param string $password the password to validate
*
* @param string $password
* the password to validate
*
* @return string either the password or an errormessage+exit
*/
public static function validatePassword($password = null, $json_response = false) {
public static function validatePassword($password = null, $json_response = false)
{
if (Settings::Get('panel.password_min_length') > 0) {
$password = validate(
$password,
Settings::Get('panel.password_min_length'),
'/^.{'.(int)Settings::Get('panel.password_min_length').',}$/D',
'notrequiredpasswordlength',
array(),
$json_response
);
$password = validate($password, Settings::Get('panel.password_min_length'), '/^.{' . (int) Settings::Get('panel.password_min_length') . ',}$/D', 'notrequiredpasswordlength', array(), $json_response);
}
if (Settings::Get('panel.password_regex') != '') {
$password = validate(
$password,
Settings::Get('panel.password_regex'),
Settings::Get('panel.password_regex'),
'notrequiredpasswordcomplexity',
array(),
$json_response
);
$password = validate($password, Settings::Get('panel.password_regex'), Settings::Get('panel.password_regex'), 'notrequiredpasswordcomplexity', array(), $json_response);
} else {
if (Settings::Get('panel.password_alpha_lower')) {
$password = validate(
$password,
'/.*[a-z]+.*/',
'/.*[a-z]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
$password = validate($password, '/.*[a-z]+.*/', '/.*[a-z]+.*/', 'notrequiredpasswordcomplexity', array(), $json_response);
}
if (Settings::Get('panel.password_alpha_upper')) {
$password = validate(
$password,
'/.*[A-Z]+.*/',
'/.*[A-Z]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
$password = validate($password, '/.*[A-Z]+.*/', '/.*[A-Z]+.*/', 'notrequiredpasswordcomplexity', array(), $json_response);
}
if (Settings::Get('panel.password_numeric')) {
$password = validate(
$password,
'/.*[0-9]+.*/',
'/.*[0-9]+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
$password = validate($password, '/.*[0-9]+.*/', '/.*[0-9]+.*/', 'notrequiredpasswordcomplexity', array(), $json_response);
}
if (Settings::Get('panel.password_special_char_required')) {
$password = validate(
$password,
'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
'/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/',
'notrequiredpasswordcomplexity',
array(),
$json_response
);
$password = validate($password, '/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/', '/.*[' . preg_quote(Settings::Get('panel.password_special_char')) . ']+.*/', 'notrequiredpasswordcomplexity', array(), $json_response);
}
}
return $password;
}
/**
* Function validatePasswordLogin
*
@@ -225,22 +184,26 @@ class Crypt
* additionally it updates the hash if the system settings changed
* or if the very old md5() sum is used
*
* @param array $userinfo user-data from table
* @param string $password the password to validate
* @param string $table either panel_customers or panel_admins
* @param string $uid user-id-field in $table
*
* @param array $userinfo
* user-data from table
* @param string $password
* the password to validate
* @param string $table
* either panel_customers or panel_admins
* @param string $uid
* user-id-field in $table
*
* @return boolean
*/
public static function validatePasswordLogin($userinfo = null, $password = null, $table = 'panel_customers', $uid = 'customerid') {
public static function validatePasswordLogin($userinfo = null, $password = null, $table = 'panel_customers', $uid = 'customerid')
{
$systype = 3; // SHA256
if (Settings::Get('system.passwordcryptfunc') !== null) {
$systype = (int)Settings::Get('system.passwordcryptfunc');
$systype = (int) Settings::Get('system.passwordcryptfunc');
}
$pwd_hash = $userinfo['password'];
$update_hash = false;
// check for good'ole md5
if (strlen($pwd_hash) == 32 && ctype_xdigit($pwd_hash)) {
@@ -254,34 +217,31 @@ class Crypt
// check whether the hash needs to be updated
$hash_type_chk = substr($pwd_hash, 0, 3);
if (($systype == 1 && $hash_type_chk != '$1$') || // MD5
($systype == 2 && $hash_type_chk != '$2$') || // BLOWFISH
($systype == 3 && $hash_type_chk != '$5$') || // SHA256
($systype == 4 && $hash_type_chk != '$6$') // SHA512
) {
$update_hash = true;
}
($systype == 2 && $hash_type_chk != '$2$') || // BLOWFISH
($systype == 3 && $hash_type_chk != '$5$') || // SHA256
($systype == 4 && $hash_type_chk != '$6$')) // SHA512
{
$update_hash = true;
}
}
if ($pwd_hash == $pwd_check) {
// check for update of hash (only if our database is ready to handle the bigger string)
$is_ready = (version_compare2("0.9.33", \Froxlor\Froxlor::getVersion()) <= 0 ? true : false);
if ($update_hash && $is_ready) {
$upd_stmt = \Froxlor\Database\Database::prepare("
UPDATE " . $table . " SET `password` = :newpasswd WHERE `" . $uid . "` = :uid
");
$params = array (
$params = array(
'newpasswd' => self::makeCryptPassword($password),
'uid' => $userinfo[$uid]
);
\Froxlor\Database\Database::pexecute($upd_stmt, $params);
}
return true;
}
return false;
}
}