X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=htdocs%2Fjavascript%2Fdo_challenge_response.js;h=1156c0b7cd7eeac23d8b3230519194fd07ac37f6;hb=57a29e1935c46e9dba9765d2c9f1bd9198de7fbe;hp=233bf62e6730741c2dc761a1c5e5d073f4d27cc1;hpb=0337d704b62718d7c77106c0e4c4e26fb02beacf;p=platal.git

diff --git a/htdocs/javascript/do_challenge_response.js b/htdocs/javascript/do_challenge_response.js
index 233bf62..1156c0b 100644
--- a/htdocs/javascript/do_challenge_response.js
+++ b/htdocs/javascript/do_challenge_response.js
@@ -1,5 +1,5 @@
 /***************************************************************************
- *  Copyright (C) 2003-2004 Polytechnique.org                              *
+ *  Copyright (C) 2003-2008 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -33,8 +33,8 @@ function correctUserName() {
     if (mots[1].toUpperCase() == 'DE') { u.value = mots[0]+"."+mots.join('-').substr(mots[0].length+1); return true; }
     // jean paul dupont -> jean-paul.dupont
     if (mots.length == 3 && mots[0].toUpperCase() == 'JEAN') { u.value = mots[0]+"-"+mots[1]+"."+mots[2]; return true; }
-    
-    alert('Ton email ne doit pas contenir de blanc.\nLe format standard est\n\nprenom.nom.promotion\n\nSi ton nom ou ton prenom est composé,\nsépare les mots par des -');
+
+    alert('Ton email ne doit pas contenir de blanc.\nLe format standard est\n\nprenom.nom.promotion\n\nSi ton nom ou ton prenom est composÃ©,\nsÃ©pare les mots par des -');
 
     return false;
 }
@@ -43,15 +43,21 @@ function doChallengeResponse() {
 
     if (!correctUserName()) return false;
 
+    var new_pass = hash_encrypt(document.forms.login.password.value);
+    var old_pass = hash_encrypt(document.forms.login.password.value.substr(0, 10));
+
     str = document.forms.login.username.value + ":" +
-        MD5(document.forms.login.password.value) + ":" +
+        new_pass + ":" +
         document.forms.loginsub.challenge.value;
 
-    document.forms.loginsub.response.value = MD5(str);
+    document.forms.loginsub.response.value = hash_encrypt(str);
+    if (new_pass != old_pass) {
+        document.forms.loginsub.xorpass.value = hash_xor(new_pass, old_pass);
+    }
     document.forms.loginsub.username.value = document.forms.login.username.value;
     document.forms.loginsub.remember.value = document.forms.login.remember.checked;
     document.forms.loginsub.domain.value = document.forms.login.domain.value;
     document.forms.login.password.value = "";
     document.forms.loginsub.submit();
-
 }
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: