Skip to content
Snippets Groups Projects
Commit 1b719064 authored by Falko Timme's avatar Falko Timme
Browse files

- No webdav users could be created because password validation failed.

parent 3d06bad1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
interface/web/sites/webdav_user_edit.php
+ 18
14
View file @ 1b719064
...@@ -134,12 +134,6 @@ class page_action extends tform_actions { ...@@ -134,12 +134,6 @@ class page_action extends tform_actions {
/* restrict the names */ /* restrict the names */
$this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username']; $this->dataRecord['username'] = $webdavuser_prefix . $this->dataRecord['username'];
/*
* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs
*/
$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
$this->dataRecord["password"] = $hash;
/* /*
* Get the data of the domain, owning the webdav user * Get the data of the domain, owning the webdav user
*/ */
...@@ -155,6 +149,14 @@ class page_action extends tform_actions { ...@@ -155,6 +149,14 @@ class page_action extends tform_actions {
function onAfterInsert() { function onAfterInsert() {
global $app, $conf; global $app, $conf;
/*
* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule needs
*/
$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
$this->dataRecord["password"] = $hash;
$app->db->query("UPDATE webdav_user SET password = '".$this->dataRecord["password"]."' WHERE webdav_user_id = ".$this->id);
} }
function onBeforeUpdate() { function onBeforeUpdate() {
...@@ -168,22 +170,24 @@ class page_action extends tform_actions { ...@@ -168,22 +170,24 @@ class page_action extends tform_actions {
$this->dataRecord["username"] = $data['username']; $this->dataRecord["username"] = $data['username'];
$this->dataRecord["dir"] = $data['dir']; $this->dataRecord["dir"] = $data['dir'];
$this->dataRecord['username_prefix'] = $data['username_prefix']; $this->dataRecord['username_prefix'] = $data['username_prefix'];
$passwordOld = $data['password']; $this->dataRecord['passwordOld'] = $data['password'];
parent::onBeforeUpdate();
}
function onAfterUpdate() {
global $app, $conf;
/* /*
* We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule * We shall not save the pwd in plaintext, so we store it as the hash, the apache-moule
* needs (only if the pwd is changed) * needs (only if the pwd is changed)
*/ */
if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $passwordOld)) { if ((isset($this->dataRecord["password"])) && ($this->dataRecord["password"] != '') && ($this->dataRecord["password"] != $this->dataRecord['passwordOld'])) {
$hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]); $hash = md5($this->dataRecord["username"] . ':' . $this->dataRecord["dir"] . ':' . $this->dataRecord["password"]);
$this->dataRecord["password"] = $hash; $this->dataRecord["password"] = $hash;
} }
parent::onBeforeUpdate(); $app->db->query("UPDATE webdav_user SET password = '".$this->dataRecord["password"]."' WHERE webdav_user_id = ".$this->id);
}
function onAfterUpdate() {
global $app, $conf;
} }
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment