From a76d5628bcd80a756443d43e879c7329a55fe18d Mon Sep 17 00:00:00 2001
From: andryyy <andre.peters@debinux.de>
Date: Mon, 7 Dec 2020 08:13:26 +0100
Subject: [PATCH] [Web] Accept prehashes password on both edit and add mailbox

---
 data/web/inc/functions.mailbox.inc.php | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php
index 17829562..fff41900 100644
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -1055,9 +1055,10 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
               return false;
             }
             // support pre hashed passwords
-            if(preg_match('/^{SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5}/i', $password)) {
+            if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) {
               $password_hashed = $password;
-            } else {
+            }
+            else {
               $password_hashed = hash_password($password);
             }
           }
@@ -2555,7 +2556,13 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                 );
                 continue;
               }
-              $password_hashed = hash_password($password);
+              // support pre hashed passwords
+              if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) {
+                $password_hashed = $password;
+              }
+              else {
+                $password_hashed = hash_password($password);
+              }
               $stmt = $pdo->prepare("UPDATE `mailbox` SET
                   `password` = :password_hashed
                     WHERE `username` = :username");