From e673df3ba8d690afbbba28f9ec368e475933efe8 Mon Sep 17 00:00:00 2001 From: Mohamad Elrashidin Bin Sajeli Date: Thu, 8 May 2014 20:22:30 +0800 Subject: [PATCH 1/2] Changed password_hash to pla_password_hash --- lib/functions.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/functions.php b/lib/functions.php index 56d8bf3..ad9ee9f 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -2127,7 +2127,7 @@ function password_types() { * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear. * @return string The hashed password. */ -function password_hash($password_clear,$enc_type) { +function pla_password_hash($password_clear,$enc_type) { if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS')) debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs); @@ -2318,7 +2318,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword # SHA crypted passwords case 'sha': - if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0) + if (strcasecmp(pla_password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0) return true; else return false; @@ -2327,7 +2327,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword # MD5 crypted passwords case 'md5': - if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0) + if( strcasecmp(pla_password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0) return true; else return false; @@ -2392,7 +2392,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword # SHA512 crypted passwords case 'sha512': - if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0) + if (strcasecmp(pla_password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0) return true; else return false; From b082cf1742b2310d69b2f278f33f6025e2544acb Mon Sep 17 00:00:00 2001 From: Mohamad Elrashidin Bin Sajeli Date: Thu, 8 May 2014 20:40:57 +0800 Subject: [PATCH 2/2] Changed preg_replace to preg_replace callback --- lib/functions.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/lib/functions.php b/lib/functions.php index ad9ee9f..d31e0c1 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -2565,12 +2565,22 @@ function dn_unescape($dn) { $a = array(); foreach ($dn as $key => $rdn) - $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn); + $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', + function ($r) { + return "''.chr(hexdec('$r[1]')).''"; + }, + $rdn + ); return $a; } else { - return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn); + return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', + function ($r) { + return "''.chr(hexdec('$r[1]')).''"; + }, + $dn + ); } }