View Single Post
  #5  
Old 28th March 2011, 00:07
xaver xaver is offline
Member
 
Join Date: May 2009
Posts: 77
Thanks: 10
Thanked 25 Times in 14 Posts
Default

If you use API and dont comment it out, password wont work.
In next lines are the insert with md5('.$password.') in the query.


UPDATE in remoting_lib.inc.php -> NO crypt -> after a update the account work perfect:
PHP Code:
        function ispconfig_sysuser_update($params,$client_id){
            global 
$app;
            
$username $app->db->quote($params["username"]);
            
$password $app->db->quote($params["password"]);
            
$client_id intval($client_id);
            
$sql "UPDATE sys_user set username = '$username', passwort = md5('$password') WHERE client_id = $client_id";
            
$app->db->query($sql);
        } 
ADD in remoting_lib.inc.php -> crypt -> login with API created account wont work:
PHP Code:
            $salt="$1$";
            
$base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
            for (
$n=0;$n<8;$n++) {
                
$salt.=$base64_alphabet[mt_rand(0,63)];
            }
            
$salt.="$";
            
$password crypt(stripslashes($password),$salt);
            
$sql1 "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
            VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)"

Add a normal account in ispconfig and look into the database in sys_user table -> its md5.
client table is crypt.

Last edited by xaver; 28th March 2011 at 00:13.
Reply With Quote