From: Andrew Dolgov Date: Mon, 23 Jan 2012 08:20:09 +0000 (+0400) Subject: fix various password-change related functions X-Git-Tag: 1.5.10~35 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=098df83ba6a5fb7ea03cb9dfc9f6eca82397fe27;p=tt-rss.git fix various password-change related functions --- diff --git a/classes/pref_prefs.php b/classes/pref_prefs.php index 03e39caa..175566d8 100644 --- a/classes/pref_prefs.php +++ b/classes/pref_prefs.php @@ -28,34 +28,43 @@ class Pref_Prefs extends Protected_Handler { return; } - $old_pw_hash1 = encrypt_password($old_pw); - $old_pw_hash2 = encrypt_password($old_pw, $_SESSION["name"]); - $new_pw_hash = encrypt_password($new_pw, $_SESSION["name"]); + $result = db_query($this->link, "SELECT salt FROM ttrss_users WHERE + id = " . $_SESSION['uid']); - $active_uid = $_SESSION["uid"]; + $salt = db_fetch_result($result, 0, "salt"); - if ($old_pw && $new_pw) { + if (!$salt) { + $old_pw_hash1 = encrypt_password($old_pw); + $old_pw_hash2 = encrypt_password($old_pw, $_SESSION["name"]); - $login = db_escape_string($_SERVER['PHP_AUTH_USER']); + $query = "SELECT id FROM ttrss_users WHERE + id = ".$_SESSION['uid']." AND (pwd_hash = '$old_pw_hash1' OR + pwd_hash = '$old_pw_hash2')"; - $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE - id = '$active_uid' AND (pwd_hash = '$old_pw_hash1' OR - pwd_hash = '$old_pw_hash2')"); + } else { + $old_pw_hash = encrypt_password($old_pw, $salt, true); - if (db_num_rows($result) == 1) { - db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$new_pw_hash' - WHERE id = '$active_uid'"); + $query = "SELECT id FROM ttrss_users WHERE + id = ".$_SESSION['uid']." AND pwd_hash = '$old_pw_hash'"; + } - $_SESSION["pwd_hash"] = $new_pw_hash; + $result = db_query($this->link, $query); - print __("Password has been changed."); - } else { - print "ERROR: ".__('Old password is incorrect.'); - } - } + if (db_num_rows($result) == 1) { - return; + $new_salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); + $new_pw_hash = encrypt_password($new_pw, $new_salt, true); + + db_query($this->link, "UPDATE ttrss_users SET + pwd_hash = '$new_pw_hash', salt = '$new_salt' + WHERE id = ".$_SESSION['uid']); + + $_SESSION["pwd_hash"] = $new_pw_hash; + print __("Password has been changed."); + } else { + print "ERROR: ".__('Old password is incorrect.'); + } } function saveconfig() { diff --git a/classes/pref_users.php b/classes/pref_users.php index fe32ce14..975b41f5 100644 --- a/classes/pref_users.php +++ b/classes/pref_users.php @@ -206,8 +206,9 @@ class Pref_Users extends Protected_Handler { $password = db_escape_string(trim($_REQUEST["password"])); if ($password) { - $pwd_hash = encrypt_password($password, $login); - $pass_query_part = "pwd_hash = '$pwd_hash', "; + $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); + $pwd_hash = encrypt_password($password, $salt, true); + $pass_query_part = "pwd_hash = '$pwd_hash', salt = '$salt',"; } else { $pass_query_part = ""; } @@ -233,7 +234,8 @@ class Pref_Users extends Protected_Handler { $login = db_escape_string(trim($_REQUEST["login"])); $tmp_user_pwd = make_password(8); - $pwd_hash = encrypt_password($tmp_user_pwd, $login); + $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); + $pwd_hash = encrypt_password($tmp_user_pwd, $salt, true); $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE login = '$login'"); @@ -241,8 +243,8 @@ class Pref_Users extends Protected_Handler { if (db_num_rows($result) == 0) { db_query($this->link, "INSERT INTO ttrss_users - (login,pwd_hash,access_level,last_login,created) - VALUES ('$login', '$pwd_hash', 0, null, NOW())"); + (login,pwd_hash,access_level,last_login,created, salt) + VALUES ('$login', '$pwd_hash', 0, null, NOW(), '$salt')"); $result = db_query($this->link, "SELECT id FROM ttrss_users WHERE @@ -276,10 +278,14 @@ class Pref_Users extends Protected_Handler { $login = db_fetch_result($result, 0, "login"); $email = db_fetch_result($result, 0, "email"); + $salt = db_fetch_result($result, 0, "salt"); + + $new_salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); $tmp_user_pwd = make_password(8); - $pwd_hash = encrypt_password($tmp_user_pwd, $login); - db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash' + $pwd_hash = encrypt_password($tmp_user_pwd, $new_salt, true); + + db_query($this->link, "UPDATE ttrss_users SET pwd_hash = '$pwd_hash', salt = '$new_salt' WHERE id = '$uid'"); print T_sprintf("Changed password of user %s diff --git a/register.php b/register.php index 4107a2ea..e75c1c94 100644 --- a/register.php +++ b/register.php @@ -4,7 +4,7 @@ // 1) templates/register_notice.txt - displayed above the registration form // 2) register_expire_do.php - contains user expiration queries when necessary - set_include_path(get_include_path() . PATH_SEPARATOR . + set_include_path(get_include_path() . PATH_SEPARATOR . dirname(__FILE__) . "/include"); require_once 'lib/phpmailer/class.phpmailer.php'; @@ -270,11 +270,12 @@ $password = make_password(); - $pwd_hash = encrypt_password($password, $login); + $salt = substr(bin2hex(openssl_random_pseudo_bytes(125)), 0, 250); + $pwd_hash = encrypt_password($password, $salt, true); db_query($link, "INSERT INTO ttrss_users - (login,pwd_hash,access_level,last_login, email, created) - VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW())"); + (login,pwd_hash,access_level,last_login, email, created, salt) + VALUES ('$login', '$pwd_hash', 0, null, '$email', NOW(), '$salt')"); $result = db_query($link, "SELECT id FROM ttrss_users WHERE login = '$login' AND pwd_hash = '$pwd_hash'");