From 2b18a8ffcae2a4a2ae3a3636e66ae4db51df1df8 Mon Sep 17 00:00:00 2001 From: Florent Bruneau Date: Thu, 25 Sep 2008 21:34:49 +0200 Subject: [PATCH] Remove MD5 -> SHA1 password transition and replace it by (10 characters -> 256 characters) Signed-off-by: Florent Bruneau --- classes/xorgsession.php | 1 + htdocs/javascript/do_challenge_response.js | 7 +++---- templates/core/password_prompt.tpl | 2 +- templates/core/password_prompt_logged.tpl | 2 +- templates/platal/motdepasse.tpl | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/classes/xorgsession.php b/classes/xorgsession.php index 025af61..3f7b5dd 100644 --- a/classes/xorgsession.php +++ b/classes/xorgsession.php @@ -87,6 +87,7 @@ class XorgSession extends PlSession SET password = {?} WHERE user_id = {?}', $new_password, $uid); + /* TODO: update GApps password here!!! */ } } if ($response != $expected_response) { diff --git a/htdocs/javascript/do_challenge_response.js b/htdocs/javascript/do_challenge_response.js index 77ad253..0a9c94d 100644 --- a/htdocs/javascript/do_challenge_response.js +++ b/htdocs/javascript/do_challenge_response.js @@ -33,7 +33,7 @@ function correctUserName() { if (mots[1].toUpperCase() == 'DE') { u.value = mots[0]+"."+mots.join('-').substr(mots[0].length+1); return true; } // jean paul dupont -> jean-paul.dupont if (mots.length == 3 && mots[0].toUpperCase() == 'JEAN') { u.value = mots[0]+"-"+mots[1]+"."+mots[2]; return true; } - + alert('Ton email ne doit pas contenir de blanc.\nLe format standard est\n\nprenom.nom.promotion\n\nSi ton nom ou ton prenom est composé,\nsépare les mots par des -'); return false; @@ -44,8 +44,8 @@ function doChallengeResponse() { if (!correctUserName()) return false; var new_pass = hash_encrypt(document.forms.login.password.value); - var old_pass = MD5(document.forms.login.password.value); - + var old_pass = hash_encrypt(document.forms.login.password.value.substr(0, 10)); + str = document.forms.login.username.value + ":" + new_pass + ":" + document.forms.loginsub.challenge.value; @@ -57,6 +57,5 @@ function doChallengeResponse() { document.forms.loginsub.domain.value = document.forms.login.domain.value; document.forms.login.password.value = ""; document.forms.loginsub.submit(); - } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: diff --git a/templates/core/password_prompt.tpl b/templates/core/password_prompt.tpl index f3be2ff..f43446d 100644 --- a/templates/core/password_prompt.tpl +++ b/templates/core/password_prompt.tpl @@ -78,7 +78,7 @@ Si tu n'es pas {insert name="getName"}, change le login ci-dessous, ou rends-toi Mot de passe : - + diff --git a/templates/core/password_prompt_logged.tpl b/templates/core/password_prompt_logged.tpl index f3efb71..b37aab8 100644 --- a/templates/core/password_prompt_logged.tpl +++ b/templates/core/password_prompt_logged.tpl @@ -50,7 +50,7 @@ Mot de passe : - +  Perdu ? diff --git a/templates/platal/motdepasse.tpl b/templates/platal/motdepasse.tpl index 983dbdb..0ddba49 100644 --- a/templates/platal/motdepasse.tpl +++ b/templates/platal/motdepasse.tpl @@ -47,7 +47,7 @@ Mot de passe : - + @@ -55,7 +55,7 @@ Retape-le une fois : - + -- 2.1.4