diff --git a/src/includes/functions.inc.php b/src/includes/functions.inc.php index 3036c8fa..fbe8aadd 100644 --- a/src/includes/functions.inc.php +++ b/src/includes/functions.inc.php @@ -595,7 +595,7 @@ namespace { $phpmailer->SMTPSecure = psm_get_conf('email_smtp_security'); $smtp_user = psm_get_conf('email_smtp_username'); - $smtp_pass = psm_get_conf('email_smtp_password'); + $smtp_pass = psm_password_decrypt(psm_get_conf('password_encrypt_key'), psm_get_conf('email_smtp_password')); if ($smtp_user != '' && $smtp_pass != '') { $phpmailer->SMTPAuth = true; diff --git a/src/lang/en_US.lang.php b/src/lang/en_US.lang.php index 570d32c2..97c0de5f 100644 --- a/src/lang/en_US.lang.php +++ b/src/lang/en_US.lang.php @@ -293,6 +293,7 @@ $sm_lang = array( 'email_smtp_security_none' => 'None', 'email_smtp_username' => 'SMTP username', 'email_smtp_password' => 'SMTP password', + 'email_smtp_password_description' => 'Fill only to set or change.', 'email_smtp_noauth' => 'Leave blank for no authentication', 'sms_status' => 'Allow sending text messages', 'sms_gateway' => 'Gateway to use for sending messages', diff --git a/src/psm/Module/Config/Controller/ConfigController.php b/src/psm/Module/Config/Controller/ConfigController.php index 52b6920c..37b71f3f 100644 --- a/src/psm/Module/Config/Controller/ConfigController.php +++ b/src/psm/Module/Config/Controller/ConfigController.php @@ -67,7 +67,7 @@ class ConfigController extends AbstractController 'email_smtp_host', 'email_smtp_port', 'email_smtp_username', - 'email_smtp_password', + //'email_smtp_password', // not typical input - and saved encrypted 'sms_gateway_username', 'sms_gateway_password', 'sms_from', @@ -204,6 +204,8 @@ class ConfigController extends AbstractController { if (!empty($_POST)) { // save new config + $emailSmtpPassword = filter_input(INPUT_POST, 'email_smtp_password'); + $clean = array( 'language' => $_POST['language'], 'sms_gateway' => $_POST['sms_gateway'], @@ -216,6 +218,9 @@ class ConfigController extends AbstractController 'log_retention_period' => intval(psm_POST('log_retention_period', 365)), 'password_encrypt_key' => psm_POST('password_encrypt_key', sha1(microtime())), ); + if ($emailSmtpPassword !== null && $emailSmtpPassword !== '') { + $clean['email_smtp_password'] = psm_password_encrypt(psm_get_conf('password_encrypt_key'), $emailSmtpPassword); + } foreach ($this->checkboxes as $input_key) { $clean[$input_key] = (isset($_POST[$input_key])) ? '1' : '0'; } @@ -411,6 +416,7 @@ class ConfigController extends AbstractController 'label_email_smtp_security' => psm_get_lang('config', 'email_smtp_security'), 'label_email_smtp_username' => psm_get_lang('config', 'email_smtp_username'), 'label_email_smtp_password' => psm_get_lang('config', 'email_smtp_password'), + 'label_email_smtp_password_description' => psm_get_lang('config', 'email_smtp_password_description'), 'label_email_smtp_noauth' => psm_get_lang('config', 'email_smtp_noauth'), 'label_sms_status' => psm_get_lang('config', 'sms_status'), 'label_sms_gateway' => psm_get_lang('config', 'sms_gateway'), diff --git a/src/templates/default/module/config/config.tpl.html b/src/templates/default/module/config/config.tpl.html index 48b2730c..3f9f5817 100644 --- a/src/templates/default/module/config/config.tpl.html +++ b/src/templates/default/module/config/config.tpl.html @@ -99,7 +99,7 @@ {{ macro.input_field("text", "email_smtp_username", null, "email_smtp_username", label_email_smtp_username, email_smtp_username, label_email_smtp_username, "255") }} - {{ macro.input_field("password", "email_smtp_password", null, "email_smtp_password", label_email_smtp_password, email_smtp_password, label_email_smtp_password, "255", null, null, null, true) }} + {{ macro.input_field("password", "email_smtp_password", null, "email_smtp_password", label_email_smtp_password, email_smtp_password, label_email_smtp_password, "255", 'email_smtp_password_help', label_email_smtp_password_description, null, true) }} {{ macro.button_test("testEmail", label_test) }} {{ macro.input_hidden("test_email", "0") }} {{ macro.button_save("email_submit", label_save) }}