Пример #1
0
/**
 *  Encode or decode database password in config file
 *
 *  @param   	int		$level   	Encode level: 0 no encoding, 1 encoding
 *	@return		int					<0 if KO, >0 if OK
 */
function encodedecode_dbpassconf($level = 0)
{
    dol_syslog("encodedecode_dbpassconf level=" . $level, LOG_DEBUG);
    $config = '';
    $passwd = '';
    $passwd_crypted = '';
    if ($fp = fopen(DOL_DOCUMENT_ROOT . '/conf/conf.php', 'r')) {
        while (!feof($fp)) {
            $buffer = fgets($fp, 4096);
            $lineofpass = 0;
            if (preg_match('/^[^#]*dolibarr_main_db_encrypted_pass[\\s]*=[\\s]*(.*)/i', $buffer, $reg)) {
                $val = trim($reg[1]);
                // This also remove CR/LF
                $val = preg_replace('/^["\']/', '', $val);
                $val = preg_replace('/["\'][\\s;]*$/', '', $val);
                if (!empty($val)) {
                    $passwd_crypted = $val;
                    $val = dol_decode($val);
                    $passwd = $val;
                    $lineofpass = 1;
                }
            } elseif (preg_match('/^[^#]*dolibarr_main_db_pass[\\s]*=[\\s]*(.*)/i', $buffer, $reg)) {
                $val = trim($reg[1]);
                // This also remove CR/LF
                $val = preg_replace('/^["\']/', '', $val);
                $val = preg_replace('/["\'][\\s;]*$/', '', $val);
                if (preg_match('/crypted:/i', $buffer)) {
                    $val = preg_replace('/crypted:/i', '', $val);
                    $passwd_crypted = $val;
                    $val = dol_decode($val);
                    $passwd = $val;
                } else {
                    $passwd = $val;
                    $val = dol_encode($val);
                    $passwd_crypted = $val;
                }
                $lineofpass = 1;
            }
            // Output line
            if ($lineofpass) {
                // Add value at end of file
                if ($level == 0) {
                    $config .= '$dolibarr_main_db_pass=\'' . $passwd . '\';' . "\n";
                }
                if ($level == 1) {
                    $config .= '$dolibarr_main_db_pass=\'crypted:' . $passwd_crypted . '\';' . "\n";
                }
                //print 'passwd = '.$passwd.' - passwd_crypted = '.$passwd_crypted;
                //exit;
            } else {
                $config .= $buffer;
            }
        }
        fclose($fp);
        // Write new conf file
        $file = DOL_DOCUMENT_ROOT . '/conf/conf.php';
        if ($fp = @fopen($file, 'w')) {
            fputs($fp, $config);
            fclose($fp);
            // It's config file, so we set read permission for creator only.
            // Should set permission to web user and groups for users used by batch
            //@chmod($file, octdec('0600'));
            return 1;
        } else {
            dol_syslog("encodedecode_dbpassconf Failed to open conf.php file for writing", LOG_WARNING);
            return -1;
        }
    } else {
        dol_syslog("encodedecode_dbpassconf Failed to read conf.php", LOG_ERR);
        return -2;
    }
}
Пример #2
0
    exit;
}

if ($_GET["action"] == 'activate_encryptdbpassconf')
{
	$result = encodedecode_dbpassconf(1);
	if ($result > 0)
	{
		// database value not required
		//dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
		Header("Location: security.php");
		exit;
	}
	else
	{
		$mesg='<div class="warning">'.$langs->trans('InstrucToEncodePass',dol_encode($dolibarr_main_db_pass)).'</div>';
	}
}
else if ($_GET["action"] == 'disable_encryptdbpassconf')
{
	$result = encodedecode_dbpassconf(0);
	if ($result > 0)
	{
		// database value not required
		//dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED",$conf->entity);
		Header("Location: security.php");
		exit;
	}
	else
	{
		$mesg='<div class="warning">'.$langs->trans('InstrucToClearPass',$dolibarr_main_db_pass).'</div>';
Пример #3
0
 /**
  * testEncodeDecode
  *
  * @return number
  */
 public function testEncodeDecode()
 {
     $stringtotest = "This is a string to test encode/decode";
     $encodedstring = dol_encode($stringtotest);
     $decodedstring = dol_decode($encodedstring);
     print __METHOD__ . " encodedstring=" . $encodedstring . " " . base64_encode($stringtotest) . "\n";
     $this->assertEquals($stringtotest, $decodedstring);
     return 0;
 }
        if ($allow_disable_encryption) {
            dolibarr_del_const($db, "DATABASE_PWD_ENCRYPTED", $conf->entity);
        }
        header("Location: security.php");
        exit;
    }
}
if ($action == 'activate_encryptdbpassconf') {
    $result = encodedecode_dbpassconf(1);
    if ($result > 0) {
        // database value not required
        //dolibarr_set_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED", "1");
        header("Location: security.php");
        exit;
    } else {
        setEventMessage($langs->trans('InstrucToEncodePass', dol_encode($dolibarr_main_db_pass)), 'warnings');
    }
} else {
    if ($action == 'disable_encryptdbpassconf') {
        $result = encodedecode_dbpassconf(0);
        if ($result > 0) {
            // database value not required
            //dolibarr_del_const($db, "MAIN_DATABASE_PWD_CONFIG_ENCRYPTED",$conf->entity);
            header("Location: security.php");
            exit;
        } else {
            setEventMessage($langs->trans('InstrucToClearPass', $dolibarr_main_db_pass), 'warnings');
        }
    }
}
if ($action == 'activate_MAIN_SECURITY_DISABLEFORGETPASSLINK') {