if (list($uid, $password) = $res->fetchOneRow()) {
require_once 'secure_hash.inc.php';
$expected_response = hash_encrypt("$uname:$password:" . S::v('challenge'));
- if ($response != $expected_response) {
+ if ($response != $expected_response && Env::has('xorpass')
+ && !preg_match('/^0*$/', Env::v('xorpass'))) {
$new_password = hash_xor(Env::v('xorpass'), $password);
$expected_response = hash_encrypt("$uname:$new_password:" . S::v('challenge'));
if ($response == $expected_response) {
- XDB::execute('UPDATE auth_user_md5
- SET password = {?}
- WHERE user_id = {?}',
- $new_password, $uid);
+ XDB::execute('UPDATE auth_user_md5
+ SET password = {?}
+ WHERE user_id = {?}',
+ $new_password, $uid);
+
+ // Update the GoogleApps password as well, if required.
+ global $globals;
+ if ($globals->mailstorage->googleapps_domain) {
+ require_once 'googleapps.inc.php';
+ $user = User::getSilent($uid);
+ $account = new GoogleAppsAccount($user);
+ if ($account->active() && $account->sync_password) {
+ $account->set_password($new_password);
+ }
+ }
}
}
if ($response != $expected_response) {
unset($_SESSION['log']);
// Retrieves main user properties.
- global $globals;
$res = XDB::query("SELECT u.user_id AS uid, u.hruid, prenom, prenom_ini, nom, nom_ini, nom_usage, perms, promo, promo_sortie,
matricule, password, FIND_IN_SET('femme', u.flags) AS femme,
- CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife,
- CONCAT(a2.alias, '@{$globals->mail->domain}') AS bestalias,
q.core_mail_fmt AS mail_fmt, UNIX_TIMESTAMP(q.banana_last) AS banana_last, q.watch_last, q.core_rss_hash,
FIND_IN_SET('watch', u.flags) AS watch_account, q.last_version, g.g_account_name IS NOT NULL AS googleapps
FROM auth_user_md5 AS u
INNER JOIN auth_user_quick AS q USING(user_id)
- INNER JOIN aliases AS a ON (u.user_id = a.id AND a.type = 'a_vie')
- INNER JOIN aliases AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias', a2.flags))
LEFT JOIN gapps_accounts AS g ON (u.user_id = g.l_userid AND g.g_status = 'active')
WHERE u.user_id = {?} AND u.perms IN('admin', 'user')", $uid);
$sess = $res->fetchOneAssoc();
public function setSkin()
{
- global $globals;
if (S::logged() && (!S::has('skin') || S::has('suid'))) {
$uid = S::v('uid');
$res = XDB::query("SELECT skin_tpl