Fixing many issues related to password hash method changed

gulliver/system/class.bootstrap.php

@@ -2860,28 +2860,43 @@ class Bootstrap
         }
     }
 
-    public function getPasswordHashType()
+    public function getPasswordHashConfig()
     {
-        G::LoadClass( "configuration" );
+        G::LoadClass('configuration');
         $config= new Configurations();
-        return $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');
+        $passwordHashConfig = $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');
+        if (!is_null($passwordHashConfig)) {
+            if (!is_array($passwordHashConfig)) {
+                $passwordHashConfig = array();
+            }
+            if (!isset($passwordHashConfig['current'])) {
+                $passwordHashConfig['current'] = 'md5';
+            }
+            if (!isset($passwordHashConfig['previous'])) {
+                $passwordHashConfig['previous'] = 'md5';
+            }
+        } else {
+            $passwordHashConfig = array('current' => 'md5', 'previous' => 'md5');
+        }
+        return $passwordHashConfig;
     }
 
-    public function hashPassword($pass, $hashType = '', $includeHashType = false, $hashOld = false)
+    public function getPasswordHashType()
     {
-        $typeEncrypt = ($hashType != '') ? $hashType : Bootstrap::getPasswordHashType();
-        $encrypt = 'md5';
-        if ($typeEncrypt != null) {
-            if (isset($typeEncrypt['current']) && $typeEncrypt['current'] != '') {
-                $encrypt = $typeEncrypt['current'];
-            }
-            if ($hashOld && isset($typeEncrypt['previous']) && $typeEncrypt['previous'] != '' ) {
-                $encrypt = $typeEncrypt['previous'];
-            }
+        $passwordHashConfig = Bootstrap::getPasswordHashConfig();
+        return $passwordHashConfig['current'];
+    }
+
+    public function hashPassword($pass, $hashType = '', $includeHashType = false)
+    {
+        if ($hashType == '') {
+            $hashType = Bootstrap::getPasswordHashType();
         }
-        eval("\$var = hash('" . $encrypt . "', '" . $pass . "');");
+
+        eval("\$var = hash('" . $hashType . "', '" . $pass . "');");
+
         if ($includeHashType) {
-            $var = $encrypt . ':' . $var;
+            $var = $hashType . ':' . $var;
         }
 
         return $var;
@@ -2889,13 +2904,13 @@ class Bootstrap
 
     public function verifyHashPassword ($pass, $userPass)
     {
-        $hashType = Bootstrap::getPasswordHashType();
-        if (Bootstrap::hashPassword($pass, $hashType) == $userPass
-            || $pass === Bootstrap::hashPassword($userPass, $hashType, true)) {
+        $passwordHashConfig = Bootstrap::getPasswordHashConfig();
+        $hashTypeCurrent = $passwordHashConfig['current'];
+        $hashTypePrevious = $passwordHashConfig['previous'];
+        if ((Bootstrap::hashPassword($pass, $hashTypeCurrent) == $userPass) || ($pass === $hashTypeCurrent . ':' . $userPass)) {
             return true;
         }
-        if (Bootstrap::hashPassword($pass, $hashType, false, true) == $userPass
-            ||$pass ===  Bootstrap::hashPassword($userPass, $hashType, true, true)) {
+        if ((Bootstrap::hashPassword($pass, $hashTypePrevious) == $userPass) || ($pass === $hashTypePrevious . ':' . $userPass)) {
             return true;
         }
         return false;

workflow/engine/classes/model/CaseScheduler.php

@@ -338,7 +338,7 @@ class CaseScheduler extends BaseCaseScheduler
                 $processId = $aRow["PRO_UID"];
                 $taskId = $aRow["TAS_UID"];
                 $client = new SoapClient( $defaultEndpoint );
-                $params = array ('userid' => $user,'password' => Bootstrap::hashPassword($pass, '', true));
+                $params = array ('userid' => $user,'password' => Bootstrap::getPasswordHashType() . ':' . $pass);
                 $result = $client->__SoapCall( 'login', array ($params) );
                 eprint( " - Logging as user $user............." );
                 if ($result->status_code == 0) {
@@ -500,7 +500,7 @@ class CaseScheduler extends BaseCaseScheduler
                 $processId = $aRow["PRO_UID"];
                 $taskId = $aRow["TAS_UID"];
                 $client = new SoapClient( $defaultEndpoint );
-                $params = array ('userid' => $user,'password' => Bootstrap::hashPassword($pass, '', true));
+                $params = array ('userid' => $user,'password' => Bootstrap::getPasswordHashType() . ':' . $pass);
                 $result = $client->__SoapCall( 'login', array ($params) );
                 eprint( " - Logging as user $user............." );
                 if ($result->status_code == 0) {

workflow/engine/src/ProcessMaker/BusinessModel/WebEntry.php

@@ -396,7 +396,7 @@ class WebEntry
                     $template->assign("dynaformUid", $dynaFormUid);
                     $template->assign("taskUid", $taskUid);
                     $template->assign("wsUser", $usrUsername);
-                    $template->assign("wsPass", Bootstrap::hashPassword($usrPassword, '', true));
+                    $template->assign("wsPass", Bootstrap::getPasswordHashType() . ':' . $usrPassword);
                     $template->assign("wsRoundRobin", $wsRoundRobin);
 
                     if ($webEntryInputDocumentAccess == 0) {