Improve password security by obfuscating it in the form #96
parent
736b713a70
commit
9ded89b6a5
|
@ -630,6 +630,9 @@ function psm_no_cache() {
|
|||
*/
|
||||
function psm_password_encrypt($password)
|
||||
{
|
||||
if(empty($password))
|
||||
return '';
|
||||
|
||||
$key = psm_get_conf('password_encrypt_key');
|
||||
|
||||
$iv = mcrypt_create_iv(
|
||||
|
@ -641,7 +644,7 @@ function psm_password_encrypt($password)
|
|||
$iv .
|
||||
mcrypt_encrypt(
|
||||
MCRYPT_RIJNDAEL_128,
|
||||
hash('sha256', $key, true),
|
||||
hash('sha256', $key, true),
|
||||
$password,
|
||||
MCRYPT_MODE_CBC,
|
||||
$iv
|
||||
|
@ -660,6 +663,9 @@ function psm_password_encrypt($password)
|
|||
*/
|
||||
function psm_password_decrypt($encryptedString)
|
||||
{
|
||||
if(empty($encryptedString))
|
||||
return '';
|
||||
|
||||
$key = psm_get_conf('password_encrypt_key');
|
||||
|
||||
$data = base64_decode($encryptedString);
|
||||
|
@ -668,7 +674,7 @@ function psm_password_decrypt($encryptedString)
|
|||
$decrypted = rtrim(
|
||||
mcrypt_decrypt(
|
||||
MCRYPT_RIJNDAEL_128,
|
||||
hash('sha256', $key, true),
|
||||
hash('sha256', $key, true),
|
||||
substr($data, mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)),
|
||||
MCRYPT_MODE_CBC,
|
||||
$iv
|
||||
|
|
|
@ -125,7 +125,7 @@ $sm_lang = array(
|
|||
'website_username' => 'Username',
|
||||
'website_username_description' => 'Username to access the site. (Only Apache authentication is supported.)',
|
||||
'website_password' => 'Password',
|
||||
'website_password_description' => 'Password to access the site. The password is encrypted in the database and is not stored in plain text.',
|
||||
'website_password_description' => 'Password to access the site. The password is encrypted in the database.',
|
||||
'fieldset_monitoring' => 'Monitoring',
|
||||
'fieldset_permissions' => 'Permissions',
|
||||
'port' => 'Port',
|
||||
|
|
|
@ -200,7 +200,7 @@ class ServerController extends AbstractServerController {
|
|||
'edit_value_pattern' => $edit_server['pattern'],
|
||||
'edit_value_warning_threshold' => $edit_server['warning_threshold'],
|
||||
'edit_website_username' => $edit_server['website_username'],
|
||||
'edit_website_password' => psm_password_decrypt($edit_server['website_password']),
|
||||
'edit_website_password' => empty($edit_server['website_password']) ? '' : sha1($edit_server['website_password']),
|
||||
'edit_type_selected_' . $edit_server['type'] => 'selected="selected"',
|
||||
'edit_active_selected_' . $edit_server['active'] => 'selected="selected"',
|
||||
'edit_email_selected_' . $edit_server['email'] => 'selected="selected"',
|
||||
|
@ -233,12 +233,38 @@ class ServerController extends AbstractServerController {
|
|||
// dont process anything if no data has been posted
|
||||
return $this->executeIndex();
|
||||
}
|
||||
|
||||
$encrypted_password = '';
|
||||
|
||||
if(!empty($_POST['website_password']))
|
||||
{
|
||||
$new_password = psm_POST('website_password');
|
||||
if($this->server_id > 0)
|
||||
{
|
||||
$edit_server = $this->getServers($this->server_id);
|
||||
$hash = sha1($edit_server['website_password']);
|
||||
|
||||
if($new_password == $hash)
|
||||
{
|
||||
$encrypted_password = $edit_server['website_password'];
|
||||
}
|
||||
else
|
||||
{
|
||||
$encrypted_password = psm_password_encrypt( $new_password);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
$encrypted_password = psm_password_encrypt($new_password);
|
||||
}
|
||||
}
|
||||
|
||||
$clean = array(
|
||||
'label' => trim(strip_tags(psm_POST('label', ''))),
|
||||
'ip' => trim(strip_tags(psm_POST('ip', ''))),
|
||||
'timeout' => (isset($_POST['timeout']) && intval($_POST['timeout']) > 0) ? intval($_POST['timeout']) : null,
|
||||
'website_username' => psm_POST('website_username', null),
|
||||
'website_password' => (isset($_POST['website_password'])) ? psm_password_encrypt(psm_POST('website_password')) : '',
|
||||
'website_password' => $encrypted_password,
|
||||
'port' => intval(psm_POST('port', 0)),
|
||||
'type' => psm_POST('type', ''),
|
||||
'pattern' => psm_POST('pattern', ''),
|
||||
|
|
|
@ -88,7 +88,7 @@
|
|||
<div class="control-group types typeWebsite">
|
||||
<label class="control-label" for="website_password">{{ label_website_password }}</label>
|
||||
<div class="controls">
|
||||
<input type="text" id="website_password" name="website_password" value="{{ edit_website_password }}" data-toggle="tooltip" title="{{ label_website_password_description }}" />
|
||||
<input type="password" id="website_password" name="website_password" value="{{ edit_website_password }}" data-toggle="tooltip" title="{{ label_website_password_description }}" />
|
||||
</div>
|
||||
</div>
|
||||
</fieldset>
|
||||
|
|
|
@ -79,7 +79,11 @@
|
|||
</tr>
|
||||
<tr>
|
||||
<td>{{ label_website_password }}:</td>
|
||||
<td>******</td>
|
||||
<td>
|
||||
{% if (website_password is not empty) %}
|
||||
******
|
||||
{% endif %}
|
||||
</td>
|
||||
</tr>
|
||||
{% if has_admin_actions %}
|
||||
<tr>
|
||||
|
|
Loading…
Reference in New Issue