Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • osian/sucs-site
  • kais58/sucs-site
  • imranh/sucs-site
  • foshjedi2004/sucs-site
  • gigosaurus/sucs-site
  • matstn/sucs-site
  • ripp_/sucs-site
  • eggnog/sucs-site
  • sucssite/sucs-site
  • elbows/sucs-site
  • realitykiller/sucs-site
  • crox/sucs-site
  • vectre/sucs-site
  • welshbyte/sucs-site
  • paperclipman/sucs-site
15 results
Show changes
Commits on Source (2)
Hide whitespace changes
Inline Side-by-side
components/options.php
View file @ 99f489ed
......@@ -5,6 +5,8 @@ require_once("../lib/validation.php");
require_once("Net/MAC.php");
include_once("../lib/date.php");
// password hash, renewal functions
include_once("../lib/member_functions.php");
// Some Constants
// These could possibly be moved somewhere saner?
......@@ -47,7 +49,7 @@ function changePassword($oldpass, $newpass1, $newpass2)
// if everything looks OK, attempt to make the change
$success = ldap_mod_replace($ldap, "uid=" . $session->username . ",ou=People,dc=sucs,dc=org",
array('userpassword' => "{SHA}" . base64_encode(pack("H*", sha1($newpass1)))));
array('userpassword' => "{CRYPT}" . cryptPassword($newpass1)));
ldap_close($ldap);
return $success;
......@@ -214,7 +216,6 @@ function updateRenew()
return FALSE;
}
include_once("../lib/member_functions.php");
renew_membership($member['username']);
$sucsDB->Execute("update signup set activated=NOW(), username=? where id=?", array($member['username'], $signup['id']));
return TRUE;
......
lib/member_functions.php
View file @ 99f489ed
......@@ -29,6 +29,19 @@ function make_password($length = 8)
return $password;
}
// https://stackoverflow.com/a/44428794
function cryptPassword($password, $salt = "", $rounds = 5000)
{
if ($salt == "") {
// Generate random salt
$salt = substr(bin2hex(openssl_random_pseudo_bytes(16)),0,16);
}
// $6$ specifies SHA512
$hash = crypt($password, sprintf('$6$rounds=%d$%s$', $rounds, $salt));
return $hash;
}
function generateUid()
{
......@@ -63,7 +76,7 @@ function generateLdif($uid, $password, $type, $realname, $username)
// explode the realname
$nameexplode = explode(' ', trim($realname));
// hash the password
$ldappassword = "{SHA}" . base64_encode(pack("H*", sha1($password)));
$ldappassword = "{CRYPT}" . cryptPassword($password);
// compile ldif
$ldif = "dn: uid=" . $username . ",ou=People,dc=sucs,dc=org\n";
$ldif .= "uid: " . $username . "\n";
......