From a76d5628bcd80a756443d43e879c7329a55fe18d Mon Sep 17 00:00:00 2001 From: andryyy Date: Mon, 7 Dec 2020 08:13:26 +0100 Subject: [PATCH] [Web] Accept prehashes password on both edit and add mailbox --- data/web/inc/functions.mailbox.inc.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php index 17829562..fff41900 100644 --- a/data/web/inc/functions.mailbox.inc.php +++ b/data/web/inc/functions.mailbox.inc.php @@ -1055,9 +1055,10 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { return false; } // support pre hashed passwords - if(preg_match('/^{SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5}/i', $password)) { + if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) { $password_hashed = $password; - } else { + } + else { $password_hashed = hash_password($password); } } @@ -2555,7 +2556,13 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { ); continue; } - $password_hashed = hash_password($password); + // support pre hashed passwords + if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) { + $password_hashed = $password; + } + else { + $password_hashed = hash_password($password); + } $stmt = $pdo->prepare("UPDATE `mailbox` SET `password` = :password_hashed WHERE `username` = :username");