[Web] Accept prehashes password on both edit and add mailbox

master
andryyy 2020-12-07 08:13:26 +01:00
parent 3b1a87f9a7
commit a76d5628bc
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 10 additions and 3 deletions

View File

@ -1055,9 +1055,10 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
return false; return false;
} }
// support pre hashed passwords // support pre hashed passwords
if(preg_match('/^{SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5}/i', $password)) { if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) {
$password_hashed = $password; $password_hashed = $password;
} else { }
else {
$password_hashed = hash_password($password); $password_hashed = hash_password($password);
} }
} }
@ -2555,7 +2556,13 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
); );
continue; continue;
} }
$password_hashed = hash_password($password); // support pre hashed passwords
if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) {
$password_hashed = $password;
}
else {
$password_hashed = hash_password($password);
}
$stmt = $pdo->prepare("UPDATE `mailbox` SET $stmt = $pdo->prepare("UPDATE `mailbox` SET
`password` = :password_hashed `password` = :password_hashed
WHERE `username` = :username"); WHERE `username` = :username");