86 lines
3.1 KiB
Plaintext
86 lines
3.1 KiB
Plaintext
<?php
|
|
/*+*******************************************************************************
|
|
* The contents of this file are subject to the vtiger CRM Public License Version 1.0
|
|
* ("License"); You may not use this file except in compliance with the License
|
|
* The Original Code is: vtiger CRM Open Source
|
|
* The Initial Developer of the Original Code is vtiger.
|
|
* Portions created by vtiger are Copyright (C) vtiger.
|
|
* All Rights Reserved.
|
|
*
|
|
*********************************************************************************/
|
|
|
|
/**
|
|
* Directions to use.
|
|
* 1. copy this file to vtiger root directory.
|
|
* 2. copy the app key from config.inc.php file(found in vtiger root directory) and
|
|
* paste it as a value for $configuredAppKey. variable in config.inc.php file is
|
|
* called application_unique_key
|
|
* 3. rename the file in vtiger root directory to a .php file.
|
|
* 4. run the file from browser or from command line.
|
|
* 5. delete the file in root directory.
|
|
* @author MAK
|
|
*/
|
|
|
|
/*
|
|
* 2. copy the app key from config.inc.php file(found in vtiger root directory) and
|
|
* paste it as a value for $configuredAppKey. variable in config.inc.php file is
|
|
* called application_unique_key
|
|
*
|
|
*/
|
|
$configuredAppKey = '';
|
|
|
|
require_once 'config.php';
|
|
require_once 'include/utils/utils.php';
|
|
|
|
if($configuredAppKey === $app_key) {
|
|
$db = PearDatabase::getInstance();
|
|
$sql = 'alter table vtiger_users change user_password user_password varchar(128)';
|
|
$alterResult = $db->pquery($sql, array());
|
|
if(!is_object($alterResult)) {
|
|
echo $installationStrings['LBL_PASSWORD_FIELD_CHANGE_FAILURE'];
|
|
exit;
|
|
}
|
|
resetUserPasswords();
|
|
}
|
|
|
|
function resetUserPasswords() {
|
|
$db = PearDatabase::getInstance();
|
|
$sql = 'select user_name, id, crypt_type from vtiger_users';
|
|
$result = $db->pquery($sql, array());
|
|
$rowList = $result->GetRows();
|
|
foreach ($rowList as $row) {
|
|
$cryptType = $row['crypt_type'];
|
|
if(strtolower($cryptType) == 'md5' && version_compare(PHP_VERSION, '5.3.0') >= 0) {
|
|
$cryptType = 'PHP5.3MD5';
|
|
}
|
|
$encryptedPassword = self::getEncryptedPassword($row['user_name'], $cryptType,
|
|
$row['user_name']);
|
|
$userId = $row['id'];
|
|
$sql = "update vtiger_users set user_password=?,crypt_type=? where id=?";
|
|
$updateResult = $con->Execute($sql, array($encryptedPassword, $cryptType, $userId));
|
|
if(!is_object($updateResult)) {
|
|
$_SESSION['migration_info']['user_messages'][] = "<div>".
|
|
"<span style='color: red;font-weight: bold;width: 30em;'>Failed: </span>".
|
|
"$sql<br />".var_export(array($encryptedPassword, $userId)).'</div>';
|
|
}
|
|
}
|
|
}
|
|
|
|
function getEncryptedPassword($userName, $cryptType, $userPassword) {
|
|
$salt = substr($userName, 0, 2);
|
|
// For more details on salt format look at: http://in.php.net/crypt
|
|
if($cryptType == 'MD5') {
|
|
$salt = '$1$' . $salt . '$';
|
|
} elseif($cryptType == 'BLOWFISH') {
|
|
$salt = '$2$' . $salt . '$';
|
|
} elseif($cryptType == 'PHP5.3MD5') {
|
|
//only change salt for php 5.3 or higher version for backward
|
|
//compactibility.
|
|
//crypt API is lot stricter in taking the value for salt.
|
|
$salt = '$1$' . str_pad($salt, 9, '0');
|
|
}
|
|
$computedEncryptedPassword = crypt($userPassword, $salt);
|
|
return $computedEncryptedPassword;
|
|
}
|
|
|
|
?> |