X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=htdocs%2Fjavascript%2Fdo_challenge_response.js;h=102ec181fcac484155ce828a4e68aff72aa8143d;hb=01bb23e6f5ae192ffaa6afbbd94b21b2b37f2138;hp=5eced5d10da21a0163b9c32f489cd62772a01ae3;hpb=50a40a33a496131e817df875607ea5542d096a64;p=platal.git

diff --git a/htdocs/javascript/do_challenge_response.js b/htdocs/javascript/do_challenge_response.js
index 5eced5d..102ec18 100644
--- a/htdocs/javascript/do_challenge_response.js
+++ b/htdocs/javascript/do_challenge_response.js
@@ -1,5 +1,5 @@
 /***************************************************************************
- *  Copyright (C) 2003-2006 Polytechnique.org                              *
+ *  Copyright (C) 2003-2010 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -33,8 +33,8 @@ function correctUserName() {
     if (mots[1].toUpperCase() == 'DE') { u.value = mots[0]+"."+mots.join('-').substr(mots[0].length+1); return true; }
     // jean paul dupont -> jean-paul.dupont
     if (mots.length == 3 && mots[0].toUpperCase() == 'JEAN') { u.value = mots[0]+"-"+mots[1]+"."+mots[2]; return true; }
-    
-    alert('Ton email ne doit pas contenir de blanc.\nLe format standard est\n\nprenom.nom.promotion\n\nSi ton nom ou ton prenom est composé,\nsépare les mots par des -');
+
+    alert('Ton email ne doit pas contenir de blanc.\nLe format standard est\n\nprenom.nom.promotion\n\nSi ton nom ou ton prenom est composÃ©,\nsÃ©pare les mots par des -');
 
     return false;
 }
@@ -43,15 +43,21 @@ function doChallengeResponse() {
 
     if (!correctUserName()) return false;
 
+    var new_pass = hash_encrypt(document.forms.login.password.value);
+    var old_pass = hash_encrypt(document.forms.login.password.value.substr(0, 10));
+
     str = document.forms.login.username.value + ":" +
-        MD5(document.forms.login.password.value) + ":" +
+        new_pass + ":" +
         document.forms.loginsub.challenge.value;
 
-    document.forms.loginsub.response.value = MD5(str);
+    document.forms.loginsub.response.value = hash_encrypt(str);
+    if (new_pass != old_pass) {
+        document.forms.loginsub.xorpass.value = hash_xor(new_pass, old_pass);
+    }
     document.forms.loginsub.username.value = document.forms.login.username.value;
     document.forms.loginsub.remember.value = document.forms.login.remember.checked;
     document.forms.loginsub.domain.value = document.forms.login.domain.value;
     document.forms.login.password.value = "";
     document.forms.loginsub.submit();
-
 }
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: