From e031239cf02f15649f5dd5b4cba80f7c0caaf075 Mon Sep 17 00:00:00 2001 From: "Wahlstedt, Walter" Date: Tue, 17 Nov 2015 13:49:59 -0500 Subject: [PATCH] Removed escaping, add sometimes required, add encrypt ldap password --- app/controllers/AuthController.php | 2 +- app/controllers/admin/SettingsController.php | 52 ++++++++++---------- app/controllers/admin/UsersController.php | 2 +- 3 files changed, 28 insertions(+), 28 deletions(-) diff --git a/app/controllers/AuthController.php b/app/controllers/AuthController.php index 86eea402ee..5fe9a89cb2 100755 --- a/app/controllers/AuthController.php +++ b/app/controllers/AuthController.php @@ -33,7 +33,7 @@ class AuthController extends BaseController $ldaphost = Setting::getSettings()->ldap_server; $ldaprdn = Setting::getSettings()->ldap_uname; - $ldappass = Setting::getSettings()->ldap_pword; + $ldappass = Crypt::decrypt(Setting::getSettings()->ldap_pword); $baseDn = Setting::getSettings()->ldap_basedn; $filterQuery = Setting::getSettings()->ldap_auth_filter_query . $username; $ldapversion = Setting::getSettings()->ldap_version; diff --git a/app/controllers/admin/SettingsController.php b/app/controllers/admin/SettingsController.php index a83c169fb8..222cf74b95 100755 --- a/app/controllers/admin/SettingsController.php +++ b/app/controllers/admin/SettingsController.php @@ -78,18 +78,18 @@ class SettingsController extends AdminController "default_currency" => 'required', "slack_channel" => 'regex:/(? 'alpha_dash', - "ldap_server" => 'url', - "ldap_uname" => 'min:1', - "ldap_pword" => 'min:1', - "ldap_basedn" => 'min:1', - "ldap_filter" => 'min:1', - "ldap_username_field" => 'min:1', - "ldap_lname_field" => 'min:1', - "ldap_auth_filter_query" => 'min:1', - "ldap_version" => 'min:1', - "ldap_active_flag" => 'min:1', - "ldap_emp_num" => 'min:1', - "ldap_email" => 'min:1', + "ldap_server" => 'sometimes|required|url', + "ldap_uname" => 'sometimes|required', + "ldap_pword" => 'sometimes|required', + "ldap_basedn" => 'sometimes|required', + "ldap_filter" => 'sometimes|required', + "ldap_username_field" => 'sometimes|required', + "ldap_lname_field" => 'sometimes|required', + "ldap_auth_filter_query" => 'sometimes|required', + "ldap_version" => 'sometimes|required', + "ldap_active_flag" => '', + "ldap_emp_num" => '', + "ldap_email" => '', ); if (Config::get('app.lock_passwords')==false) { @@ -147,20 +147,20 @@ class SettingsController extends AdminController $setting->slack_endpoint = e(Input::get('slack_endpoint')); $setting->slack_channel = e(Input::get('slack_channel')); $setting->slack_botname = e(Input::get('slack_botname')); - $setting->ldap_enabled = e(Input::get('ldap_enabled', '0')); - $setting->ldap_server = e(Input::get('ldap_server')); - $setting->ldap_uname = e(Input::get('ldap_uname')); - $setting->ldap_pword = e(Input::get('ldap_pword')); - $setting->ldap_basedn = e(Input::get('ldap_basedn')); - $setting->ldap_filter = e(Input::get('ldap_filter')); - $setting->ldap_username_field = e(Input::get('ldap_username_field')); - $setting->ldap_lname_field = e(Input::get('ldap_lname_field')); - $setting->ldap_fname_field = e(Input::get('ldap_fname_field')); - $setting->ldap_auth_filter_query = e(Input::get('ldap_auth_filter_query')); - $setting->ldap_version = e(Input::get('ldap_version')); - $setting->ldap_active_flag = e(Input::get('ldap_active_flag')); - $setting->ldap_emp_num = e(Input::get('ldap_emp_num')); - $setting->ldap_email = e(Input::get('ldap_email')); + $setting->ldap_enabled = Input::get('ldap_enabled', '0'); + $setting->ldap_server = Input::get('ldap_server'); + $setting->ldap_uname = Input::get('ldap_uname'); + $setting->ldap_pword = Crypt::encrypt(Input::get('ldap_pword')); + $setting->ldap_basedn = Input::get('ldap_basedn'); + $setting->ldap_filter = Input::get('ldap_filter'); + $setting->ldap_username_field = Input::get('ldap_username_field'); + $setting->ldap_lname_field = Input::get('ldap_lname_field'); + $setting->ldap_fname_field = Input::get('ldap_fname_field'); + $setting->ldap_auth_filter_query = Input::get('ldap_auth_filter_query'); + $setting->ldap_version = Input::get('ldap_version'); + $setting->ldap_active_flag = Input::get('ldap_active_flag'); + $setting->ldap_emp_num = Input::get('ldap_emp_num'); + $setting->ldap_email = Input::get('ldap_email'); // Was the asset updated? diff --git a/app/controllers/admin/UsersController.php b/app/controllers/admin/UsersController.php index 283b11fbb1..91e1b8a955 100755 --- a/app/controllers/admin/UsersController.php +++ b/app/controllers/admin/UsersController.php @@ -1118,7 +1118,7 @@ class UsersController extends AdminController { $ldap_version = Setting::getSettings()->ldap_version; $url = Setting::getSettings()->ldap_server; $username = Setting::getSettings()->ldap_uname; - $password = Setting::getSettings()->ldap_pword; + $password = Crypt::decrypt(Setting::getSettings()->ldap_pword); $base_dn = Setting::getSettings()->ldap_basedn; $filter = Setting::getSettings()->ldap_filter;