[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] [19014] Fix a first admin login heisenbug ...
From: |
Caeies |
Subject: |
[Phpgroupware-cvs] [19014] Fix a first admin login heisenbug ... |
Date: |
Wed, 10 Dec 2008 17:16:03 +0000 |
Revision: 19014
http://svn.sv.gnu.org/viewvc/?view=rev&root=phpgroupware&revision=19014
Author: Caeies
Date: 2008-12-10 17:16:02 +0000 (Wed, 10 Dec 2008)
Log Message:
-----------
Fix a first admin login heisenbug ... this is kinda a hotfix until we find a
better way to initialize the crypto object !
Modified Paths:
--------------
core/trunk/setup/accounts.php
Modified: core/trunk/setup/accounts.php
===================================================================
--- core/trunk/setup/accounts.php 2008-12-10 16:51:25 UTC (rev 19013)
+++ core/trunk/setup/accounts.php 2008-12-10 17:16:02 UTC (rev 19014)
@@ -201,6 +201,14 @@
$GLOBALS['phpgw']->db =& $db;
$GLOBALS['phpgw']->acl = CreateObject('phpgwapi.acl');
$GLOBALS['phpgw']->accounts = CreateObject('phpgwapi.accounts');
+ //XXX Dec 08. Caeies : Fix the first admin login when using
cache as files and that mcrypt is enabled
+ //XXX Dec 08. Caeies : This is stolen from
phpgwapi/inc/class.sessions.inc.php ... which let me think that's there's a
design problem there.
+ //XXX Dec 08. Caeies : If a notice or error is triggered from
here ... then your config was not properly done.
+ //XXX Dec 08. Caeies : note : we rely on the fact that the
setup use the same session_id than the one which is used for the next session
generation ... if it not the case ... then
+ //XXX Dec 08. Caeies : the resulting cached string will not be
able to be decoded ... hope this don't broke to much thing.
+ //XXX Dec 08. Caeies : btw it's potentially risky not to
encrypt the session files since the admin password is stored in clear in the
cache file. no idea for shm.
+ $GLOBALS['phpgw']->crypto->init(array(md5(session_id() .
$GLOBALS['phpgw_info']['server']['encryptkey']),
$GLOBALS['phpgw_info']['server']['mcrypt_iv']));
+
/* Posted admin data */
// We need to reverse the entities or the password can be
mangled
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] [19014] Fix a first admin login heisenbug ...,
Caeies <=