fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG-15561 Cambiar el algoritmo o metodo de cifrado... SOLVED

Browse Source 
- It don't have the functionality.
- A function was add in class bootstrap hasPassword.
- a function was add in class enterprise.
This commit is contained in:
Marco Antonio Nina
2014-09-22 09:58:50 -04:00
parent c4f0578bd1
commit 48d963a033
23 changed files with 2182 additions and 1937 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
workflow/engine/methods/enterprise/enterprise.php
View File

@@ -105,6 +105,12 @@ class enterprisePlugin extends PMPlugin
public function install()
{
$pluginRegistry = &PMPluginRegistry::getSingleton();
$pluginDetail = $pluginRegistry->getPluginDetails("enterprise.php");
$pluginRegistry->enablePlugin($pluginDetail->sNamespace);
file_put_contents(PATH_DATA_SITE . "plugin.singleton", $pluginRegistry->serializeInstance());
}
public function uninstall()
@@ -113,25 +119,16 @@ class enterprisePlugin extends PMPlugin
public function setup()
{
$urlPart = substr(SYS_SKIN, 0, 2) == 'ux' && SYS_SKIN != 'uxs' ? 'main/login' : 'login/login';
$this->registerMenu("setup", "menuEnterprise.php");
//including the file inside the enterprise folder
////including the file inside the enterprise folder
require_once PATH_CORE . 'classes' . PATH_SEP . 'class.pmLicenseManager.php';
$this->registerTrigger(PM_LOGIN, "enterpriseSystemUpdate");
$licenseManager = &pmLicenseManager::getSingleton();
$oHeadPublisher = &headPublisher::getSingleton();
$this->registerTrigger(PM_HASH_PASSWORD, 'setHashPassword');
}
public function enable()
{
$this->setConfiguration();
$pluginRegistry = &PMPluginRegistry::getSingleton();
file_put_contents(PATH_DATA_SITE . "plugin.singleton", $pluginRegistry->serializeInstance());
require_once (PATH_CORE . 'classes/model/AddonsStore.php');
AddonsStore::checkLicenseStore();
@@ -348,6 +345,28 @@ class enterprisePlugin extends PMPlugin
fclose($file);
}
}
public function hashPassword ($pass, $previous=false)
{
G::LoadClass( "configuration" );
$config= new Configurations();
$typeEncrypt = $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');
//$typeEncrypt = ($typeEncrypt == null) ? 'md5' : isset($typeEncrypt['current']) ? $typeEncrypt['current'] : 'md5';
$encrypt = 'md5';
if ($typeEncrypt != null) {
if (isset($typeEncrypt['current']) && $typeEncrypt['current'] != '') {
$encrypt = $typeEncrypt['current'];
error_log('hashPassword bootstrap ' . $encrypt);
}
if ($previous && isset($typeEncrypt['previous']) && $typeEncrypt['previous'] != '' ) {
$encrypt = $typeEncrypt['previous'];
error_log('hashPassword bootstrap ' . $encrypt);
}
}
eval("\$var = hash('" . $encrypt . "', '" . $pass . "');");
return $var;
}
}
$oPluginRegistry = &PMPluginRegistry::getSingleton();

8
workflow/engine/methods/login/authentication.php
View File

@@ -40,6 +40,14 @@ try {
$pwd = trim($frm['USR_PASSWORD']);
}
require_once PATH_CORE . 'methods' . PATH_SEP . 'enterprise' . PATH_SEP . 'enterprise.php';
$enterprise = new enterprisePlugin('enterprise');
if (!file_exists(PATH_DATA_SITE . "plugin.singleton")) {
$enterprise->enable();
}
$enterprise->setup();
$uid = $RBAC->VerifyLogin($usr , $pwd);
$RBAC->cleanSessionFiles(72); //cleaning session files older than 72 hours

2
workflow/engine/methods/login/changePassword.php
View File

@@ -5,7 +5,7 @@ $aUser = $oUser->load($_SESSION['USER_LOGGED']);
global $RBAC;
$aData['USR_UID'] = $aUser['USR_UID'];
$aData['USR_USERNAME'] = $aUser['USR_USERNAME'];
$aData['USR_PASSWORD'] = md5($_POST['form']['USR_PASSWORD']);
$aData['USR_PASSWORD'] = Bootstrap::hasPassword($_POST['form']['USR_PASSWORD']);
$aData['USR_FIRSTNAME'] = $aUser['USR_FIRSTNAME'];
$aData['USR_LASTNAME'] = $aUser['USR_LASTNAME'];
$aData['USR_EMAIL'] = $aUser['USR_EMAIL'];

2
workflow/engine/methods/login/retrivePassword.php
View File

@@ -22,7 +22,7 @@ if ($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL'
$newPass = G::generate_password();
$aData['USR_UID'] = $userData['USR_UID'];
$aData['USR_PASSWORD'] = md5($newPass);
$aData['USR_PASSWORD'] = Bootstrap::hasPassword($newPass);
/* **Save after sending the mail
$rbacUser->update($aData);
$user->update($aData);

2
workflow/engine/methods/users/myInfo_Save.php
View File

@@ -50,7 +50,7 @@ try {
$_POST['form']['USR_NEW_PASS'] = '';
}
if ($_POST['form']['USR_NEW_PASS'] != '') {
$_POST['form']['USR_PASSWORD'] = md5( $_POST['form']['USR_NEW_PASS'] );
$_POST['form']['USR_PASSWORD'] = Bootstrap::hasPassword( $_POST['form']['USR_NEW_PASS'] );
}
if (! isset( $_POST['form']['USR_CITY'] )) {
$_POST['form']['USR_CITY'] = '';

4
workflow/engine/methods/users/usersAjax.php
View File

@@ -130,7 +130,7 @@ switch ($_POST['action']) {
$form['USR_NEW_PASS'] = '';
}
if ($form['USR_NEW_PASS'] != '') {
$form['USR_PASSWORD'] = md5($form['USR_NEW_PASS']);
$form['USR_PASSWORD'] = Bootstrap::hasPassword($form['USR_NEW_PASS']);
}
if (!isset($form['USR_CITY'])) {
$form['USR_CITY'] = '';
@@ -214,7 +214,7 @@ switch ($_POST['action']) {
*/
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($aData['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($aData['USR_PASSWORD'])))));
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($aData['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(Bootstrap::hasPassword($aData['USR_PASSWORD'])))));
$aUserProperty['USR_LOGGED_NEXT_TIME'] = $form['USR_LOGGED_NEXT_TIME'];
$oUserProperty->update($aUserProperty);
} else {

2
workflow/engine/methods/users/users_Save.php
View File

@@ -63,7 +63,7 @@ try {
$form['USR_NEW_PASS'] = '';
}
if ($form['USR_NEW_PASS'] != '') {
$form['USR_PASSWORD'] = md5( $form['USR_NEW_PASS'] );
$form['USR_PASSWORD'] = Bootstrap::hasPassword( $form['USR_NEW_PASS'] );
}
if (! isset( $form['USR_CITY'] )) {
$form['USR_CITY'] = '';