commit 7e53dab990748c546b79f0610c3a7a58431e9ebc Author: Michael Laccetti Date: Thu Aug 29 09:13:56 2013 -0400 Fixed two issues to get phpLdapAdmin to work under PHP 5.5.x 1) password_hash is an actual function, so renamed instances to password_hash_custom (HT: https://sourceforge.net/mailarchive/message.php?msg_id=31302386) 2) Fixed the preg_replace to preg_replace_callback to use the /e/ functionality in the officially endorsed fashion diff --git a/lib/PageRender.php b/lib/PageRender.php index 7d86a54..eed5d5f 100644 --- a/lib/PageRender.php +++ b/lib/PageRender.php @@ -287,7 +287,7 @@ class PageRender extends Visitor { break; default: - $vals[$i] = password_hash($passwordvalue,$enc); + $vals[$i] = password_hash_custom($passwordvalue,$enc); } $vals = array_unique($vals); @@ -957,7 +957,7 @@ class PageRender extends Visitor { if (trim($val)) $enc_type = get_enc_type($val); else - $enc_type = $server->getValue('appearance','password_hash'); + $enc_type = $server->getValue('appearance','password_hash_custom'); $obfuscate_password = obfuscate_password_display($enc_type); @@ -982,7 +982,7 @@ class PageRender extends Visitor { if (trim($val)) $enc_type = get_enc_type($val); else - $enc_type = $server->getValue('appearance','password_hash'); + $enc_type = $server->getValue('appearance','password_hash_custom'); echo '
'; diff --git a/lib/ds_ldap.php b/lib/ds_ldap.php index c346660..7532539 100644 --- a/lib/ds_ldap.php +++ b/lib/ds_ldap.php @@ -1116,13 +1116,24 @@ class ldap extends DS { if (is_array($dn)) { $a = array(); - foreach ($dn as $key => $rdn) - $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn); + foreach ($dn as $key => $rdn) { + $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', + function ($m) { + return ''.chr(hexdec('\\1')).''; + }, + $rdn + ); + } return $a; } else - return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn); + return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', + function ($m) { + return ''.chr(hexdec('\\1')).''; + }, + $dn + ); } public function getRootDSE($method=null) { diff --git a/lib/ds_ldap_pla.php b/lib/ds_ldap_pla.php index 7ece393..6b0990e 100644 --- a/lib/ds_ldap_pla.php +++ b/lib/ds_ldap_pla.php @@ -16,7 +16,7 @@ class ldap_pla extends ldap { function __construct($index) { parent::__construct($index); - $this->default->appearance['password_hash'] = array( + $this->default->appearance['password_hash_custom'] = array( 'desc'=>'Default HASH to use for passwords', 'default'=>'md5'); diff --git a/lib/functions.php b/lib/functions.php index 56d8bf3..5ac3caf 100644 --- a/lib/functions.php +++ b/lib/functions.php @@ -2127,7 +2127,7 @@ function password_types() { * crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear. * @return string The hashed password. */ -function password_hash($password_clear,$enc_type) { +function password_hash_custom($password_clear,$enc_type) { if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS')) debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs); @@ -2318,7 +2318,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword # SHA crypted passwords case 'sha': - if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0) + if (strcasecmp(password_hash_custom($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0) return true; else return false; @@ -2327,7 +2327,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword # MD5 crypted passwords case 'md5': - if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0) + if( strcasecmp(password_hash_custom($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0) return true; else return false; @@ -2392,7 +2392,7 @@ function password_check($cryptedpassword,$plainpassword,$attribute='userpassword # SHA512 crypted passwords case 'sha512': - if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0) + if (strcasecmp(password_hash_custom($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0) return true; else return false; @@ -2564,13 +2564,24 @@ function dn_unescape($dn) { if (is_array($dn)) { $a = array(); - foreach ($dn as $key => $rdn) - $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn); + foreach ($dn as $key => $rdn) { + $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', + function ($m) { + return ''.chr(hexdec('\\1')).''; + }, + $rdn + ); + } return $a; } else { - return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn); + return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/', + function ($m) { + return ''.chr(hexdec('\\1')).''; + }, + $dn + ); } }