/**
* Encode or decode database password in config file
*
* @param int $level Encode level: 0 no encoding, 1 encoding
* @return int <0 if KO, >0 if OK
*/
function encodedecode_dbpassconf($level = 0)
{
dol_syslog("encodedecode_dbpassconf level=" . $level, LOG_DEBUG);
$config = '';
$passwd = '';
$passwd_crypted = '';
if ($fp = fopen(DOL_DOCUMENT_ROOT . '/conf/conf.php', 'r')) {
while (!feof($fp)) {
$buffer = fgets($fp, 4096);
$lineofpass = 0;
if (preg_match('/^[^#]*dolibarr_main_db_encrypted_pass[\\s]*=[\\s]*(.*)/i', $buffer, $reg)) {
$val = trim($reg[1]);
// This also remove CR/LF
$val = preg_replace('/^["\']/', '', $val);
$val = preg_replace('/["\'][\\s;]*$/', '', $val);
if (!empty($val)) {
$passwd_crypted = $val;
$val = dol_decode($val);
$passwd = $val;
$lineofpass = 1;
}
} elseif (preg_match('/^[^#]*dolibarr_main_db_pass[\\s]*=[\\s]*(.*)/i', $buffer, $reg)) {
$val = trim($reg[1]);
// This also remove CR/LF
$val = preg_replace('/^["\']/', '', $val);
$val = preg_replace('/["\'][\\s;]*$/', '', $val);
if (preg_match('/crypted:/i', $buffer)) {
$val = preg_replace('/crypted:/i', '', $val);
$passwd_crypted = $val;
$val = dol_decode($val);
$passwd = $val;
} else {
$passwd = $val;
$val = dol_encode($val);
$passwd_crypted = $val;
}
$lineofpass = 1;
}
// Output line
if ($lineofpass) {
// Add value at end of file
if ($level == 0) {
$config .= '$dolibarr_main_db_pass=\'' . $passwd . '\';' . "\n";
}
if ($level == 1) {
$config .= '$dolibarr_main_db_pass=\'crypted:' . $passwd_crypted . '\';' . "\n";
}
//print 'passwd = '.$passwd.' - passwd_crypted = '.$passwd_crypted;
//exit;
} else {
$config .= $buffer;
}
}
fclose($fp);
// Write new conf file
$file = DOL_DOCUMENT_ROOT . '/conf/conf.php';
if ($fp = @fopen($file, 'w')) {
fputs($fp, $config);
fclose($fp);
// It's config file, so we set read permission for creator only.
// Should set permission to web user and groups for users used by batch
//@chmod($file, octdec('0600'));
return 1;
} else {
dol_syslog("encodedecode_dbpassconf Failed to open conf.php file for writing", LOG_WARNING);
return -1;
}
} else {
dol_syslog("encodedecode_dbpassconf Failed to read conf.php", LOG_ERR);
return -2;
}
}
exit;
}
if ($_GET["action"] == 'activate_encryptdbpassconf')
{
$result = encodedecode_dbpassconf(1);
if ($result > 0)
{
// database value not required
//dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
Header("Location: security.php");
exit;
}
else
{
$mesg='<div class="warning">'.$langs->trans('InstrucToEncodePass',dol_encode($dolibarr_main_db_pass)).'</div>';
}
}
else if ($_GET["action"] == 'disable_encryptdbpassconf')
{
$result = encodedecode_dbpassconf(0);
if ($result > 0)
{
// database value not required
//dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED",$conf->entity);
Header("Location: security.php");
exit;
}
else
{
$mesg='<div class="warning">'.$langs->trans('InstrucToClearPass',$dolibarr_main_db_pass).'</div>';
/**
* testEncodeDecode
*
* @return number
*/
public function testEncodeDecode()
{
$stringtotest = "This is a string to test encode/decode";
$encodedstring = dol_encode($stringtotest);
$decodedstring = dol_decode($encodedstring);
print __METHOD__ . " encodedstring=" . $encodedstring . " " . base64_encode($stringtotest) . "\n";
$this->assertEquals($stringtotest, $decodedstring);
return 0;
}
if ($allow_disable_encryption) {
dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED", $conf->entity);
}
header("Location: security.php");
exit;
}
}
if ($action == 'activate_encryptdbpassconf') {
$result = encodedecode_dbpassconf(1);
if ($result > 0) {
// database value not required
//dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
header("Location: security.php");
exit;
} else {
setEventMessage($langs->trans('InstrucToEncodePass', dol_encode($dolibarr_main_db_pass)), 'warnings');
}
} else {
if ($action == 'disable_encryptdbpassconf') {
$result = encodedecode_dbpassconf(0);
if ($result > 0) {
// database value not required
//dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED",$conf->entity);
header("Location: security.php");
exit;
} else {
setEventMessage($langs->trans('InstrucToClearPass', $dolibarr_main_db_pass), 'warnings');
}
}
}
if ($action == 'activate_MAIN_SECURITY_DISABLEFORGETPASSLINK') {
