client_change_password bug fix

[desanidesigns]

While trying to use the client_change_password remoting function, I noticed it was not taking the parameters I was giving it and it was not changing the user's password.

These modifications are required for the function to actually work, and hopefully we can get this fixed in the next release.

/usr/local/ispconfig/interface/lib/classes/remoting.inc.php
Line 2524 Reads:

Code:

 $sql = "UPDATE client SET password = md5('".($new_password)."')   WHERE client_id = ".$client_id;

Should read:

Code:

$sql = "UPDATE client SET password = md5('".$new_password."') WHERE client_id = ".$client_id;

Line 2527 Reads:

Code:

$sql = "UPDATE sys_user SET passwort = md5('".($new_password)."')         WHERE client_id = ".$client_id;

Should read:

Code:

$sql = "UPDATE sys_user SET passwort = md5('".$new_password."') WHERE client_id = ".$client_id;

If you're banging your head against the wall trying to get a user's password changed using the remote framework, make those edits and it will work. The parenthesis in the query are what's throwing it off.

[till]

Thanks for your fix. The client_change_password function that you used gets marked as deprecated as of 3.0.5 as its functionality is included in the client_update function.

Better use this code to update a password:

$params = $soapclient->client_get($session_id, $client_id);
$params['password'] = 'myNewPassword';
$soapclient->client_update($session_id, $client_id, $params['parent_client_id'], $params);

[Matt43]

Is this the actual fix to the issue? I don't see why the brackets would cause a problem. From the looks of it, the password field in table 'client' is NOT md5() but a crypt'ed password..

I'm having this same problem, also having a problem with the client_update function not updating the password also.

I'm assuming a similar problem to my other thread here

[till]

The default password encryption is crypt, but md5 is supported as well. Which ispconfig version do you use?

[Matt43]

Currently using 3.0.4.3