[Mapbender-commits] r10142 - trunk/mapbender/http/classes

svn_mapbender at osgeo.org svn_mapbender at osgeo.org
Thu Jun 6 07:14:11 PDT 2019 

Author: armin11
Date: 2019-06-06 07:14:11 -0700 (Thu, 06 Jun 2019)
New Revision: 10142

Modified:
   trunk/mapbender/http/classes/class_user.php
Log:
Fix for update digest if wished

Modified: trunk/mapbender/http/classes/class_user.php
===================================================================
--- trunk/mapbender/http/classes/class_user.php	2019-06-06 13:07:32 UTC (rev 10141)
+++ trunk/mapbender/http/classes/class_user.php	2019-06-06 14:14:11 UTC (rev 10142)
@@ -732,6 +732,7 @@
 		return json_encode($this->returnObject);
 	}
 	$row = db_fetch_array($res);
+	$mbUserEmail = $row['mb_user_email'];
 	//check all 
 	//first login on new system, set (salt - maybe later - and ) new password when password column is empty, delete old unsecure md5 hash
 	//Test if account has already been activated by the user
@@ -822,16 +823,15 @@
 				//delete all old unsecure passwords if given!!!
 				$e = new mb_notice("classes/class_user.php: "."Try to delete all unsecure passwords!");
 				if ($row['create_digest'] == 'f') {
-
-				$e = new mb_notice("classes/class_user.php: "."Try to delete all unsecure passwords!");
+					$e = new mb_notice("classes/class_user.php: "."Try to delete all unsecure passwords!");
 					$sql = "UPDATE mb_user SET mb_user_password = $1 , mb_user_digest = $2, mb_user_aldigest = $3 WHERE mb_user_id = $4";
 					$v = array('','','',$row['mb_user_id']);
 					$t = array('s','s','s','i');
 					$res = db_prep_query($sql,$v,$t);
 				} else {
-					$sql = "UPDATE mb_user SET mb_user_password = $1 WHERE mb_user_id = $2";
-					$v = array('',$row['mb_user_id']);
-					$t = array('s','i');
+					$sql = "UPDATE mb_user SET mb_user_password = $1, mb_user_digest = $2, mb_user_aldigest = $3 WHERE mb_user_id = $4";
+					$v = array('',hash(strtolower($mbUserHashAlgo), $mbUserName.";".$mbUserEmail.":".REALM.":".$userPassword),hash(strtolower($mbUserHashAlgo), $mbUserName.":".REALM.":".$userPassword),$row['mb_user_id']);
+					$t = array('s','s','s','i');
 					$res = db_prep_query($sql,$v,$t);
 				}
 				//

More information about the Mapbender_commits mailing list