Commit f17dab42 authored by vogelor's avatar vogelor
Browse files

The webdav user pwd was hased twice. Now it is working fine

parent 94927b95
......@@ -166,12 +166,13 @@ class page_action extends tform_actions {
$data = $app->db->queryOneRecord("SELECT * FROM webdav_user WHERE webdav_user_id = ".intval($this->id));
$this->dataRecord["username"] = $data['username'];
$this->dataRecord["dir"] = $data['dir'];
$passwordOld = $data['password'];
/*
* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule
* needs (only if the pwd is changed
* needs (only if the pwd is changed)
*/
if (isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $passwordOld)) {
$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
$this->dataRecord["password"] = $hash;
}
......
......@@ -1085,7 +1085,6 @@ class apache2_plugin {
$changed = false;
$in = fopen($filename, 'r');
$output = '';
/*
* read line by line and search for the username and authname
*/
......@@ -1096,10 +1095,9 @@ class apache2_plugin {
/*
* found the user. delete or change it?
*/
if ($pwd != '') {
$tmp[2] = $pwdhash;
$output .= $tmp[0] . ':' . $tmp[1] . ':' . $tmp[2] . "\n";
}
if ($pwdhash != '') {
$output .= $tmp[0] . ':' . $tmp[1] . ':' . $pwdhash . "\n";
}
$changed = true;
}
else {
......@@ -1110,7 +1108,7 @@ class apache2_plugin {
* if we didn't change anything, we have to add the new user at the end of the file
*/
if (!$changed) {
$output .= $username . ':' . $authname . ':' . md5($username . ':' . $authname . ':' . $pwd) . "\n";
$output .= $username . ':' . $authname . ':' . $pwdhash . "\n";
}
fclose($in);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment