A terrible thing happened with remoting client api.

Discussion in 'General' started by key, Jan 16, 2013.

  1. key

    key New Member

    I changed only limit_web_quota with clients_update with remoting client api.

    It seemed to me that the change was successful with no problem.

    But, In fact, it hasn't been successful.

    Because, all client's passwords, except me, were changed.

    I wrote

    $record_record = $client->client_get($session_id, $record['client_id']);
    $record_record['limit_web_quota'] = 10;
    $client->client_update($session_id, $record['client_id'], 0, $record_record);

    in this script.

    I guess this api encrypt client's password again for changed passwords are also begin with $1$ salt.

    This terrible problem is resolved yet.

    Does anyone know a solution?
     
  2. till

    till Super Moderator

    You have to pass a empty password field if you dont want the password to be changed as the API requires that you pass either a new (cleartext) password or a empty field if you dont want to change the password.

    So the corect script is:

    $record_record = $client->client_get($session_id, $record['client_id']);
    $record_record['limit_web_quota'] = 10;
    $record_record['password'] = '';
    $client->client_update($session_id, $record['client_id'], 0, $record_record);
     
  3. Croydon

    Croydon HowtoForge Supporter

    Starting with 3.0.5 you can pass encrypted passwords, too.
    You have to set an additional parameter then:

    $record_record = $client->client_get($session_id, $record['client_id']);
    $record_record['limit_web_quota'] = 10;
    $record_record['password'] = '$1$xxxxxxxxxxxxx'; // encrypted password
    $record_record['_ispconfig_pw_crypted'] = 1; // tell the api that you send encrypted pw

    $client->client_update($session_id, $record['client_id'], 0, $record_record);
     
  4. key

    key New Member

    Thank you till and Croydon.

    I will be careful when I change client_data.
     

Share This Page