From 70a8588117a3b47b5d102174000aac80383fd60b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 27 Mar 2011 21:17:45 +0000
Subject: [PATCH] fixed password encryption mechanism in remoting API.

---
 interface/lib/classes/remoting_lib.inc.php | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 7bd8f69e6..57ff99807 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -694,7 +694,7 @@ class remoting_lib {
 			$salt.="$";
 			$password = crypt(stripslashes($password),$salt);
 			$sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
-			VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
+			VALUES ('$username','$password','$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
 			$app->db->query($sql1);
 		}
 		
@@ -703,7 +703,14 @@ class remoting_lib {
 			$username = $app->db->quote($params["username"]);
 			$password = $app->db->quote($params["password"]);
 			$client_id = intval($client_id);
-			$sql = "UPDATE sys_user set username = '$username', passwort = md5('$password') WHERE client_id = $client_id";
+			$salt="$1$";
+			$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
+			for ($n=0;$n<8;$n++) {
+				$salt.=$base64_alphabet[mt_rand(0,63)];
+			}
+			$salt.="$";
+			$password = crypt(stripslashes($password),$salt);
+			$sql = "UPDATE sys_user set username = '$username', passwort = '$password' WHERE client_id = $client_id";
 			$app->db->query($sql);
 		}
 		
-- 
GitLab