From df4543d96d8b13dd770c34f7c84fdfa1786a4595 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Roland=20H=C3=A4der?=
Date: Fri, 28 Mar 2008 19:09:27 +0000
Subject: [PATCH] Admin login fixes
---
 inc/functions.php | 9 ++++++---
 inc/modules/admin.php | 7 ++++---
 inc/modules/admin/admin-inc.php | 11 ++++++++---
 3 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/inc/functions.php b/inc/functions.php
index 3cdabf7e3e..df26e508c0 100644
--- a/inc/functions.php
+++ b/inc/functions.php
@@ -1800,8 +1800,8 @@ function generateHash($plainText, $salt = "") {
 // Is the required extension "sql_patches" there?
 if ((GET_EXT_VERSION("sql_patches") < "0.3.6") || (GET_EXT_VERSION("sql_patches") == "")) {
- // Extension sql_patches is missing/outdated so we return the plain text
- return $plainText;
+ // Extension sql_patches is missing/outdated so we return only the regular SHA1 hash
+ return sha1($plainText);
 }
 // When the salt is empty build a new one, else use the first x configured characters as the salt
@@ -2051,6 +2051,7 @@ function DISPLAY_PARSING_TIME_FOOTER() {
 // Unset/set session variables
 function set_session ($var, $value) {
 global $CSS;
+ // Abort in CSS mode here
 if ($CSS == 1) return true;
@@ -2079,7 +2080,9 @@ function set_session ($var, $value) {
 // Taken from user comments in PHP documentation for function constant()
 function isBooleanConstantAndTrue($constname) { // : Boolean
 $res = false;
- if (defined($constname)) $res = (constant($constname) === true);
+ if (defined($constname)) {
+ $res = (constant($constname) === true);
+ }
 return($res);
 }
diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index c364ae283a..3598511473 100644
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
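Review bot: The new fallback in generateHash() returns `sha1($plainText)` and never touches `$salt`, so an install without sql_patches 0.3.6 gets an unsalted, fast SHA-1 digest of the admin password. That is better than the plain text returned before, but equal passwords still produce equal hashes and the digest is cheap to test offline. Presumably any value stored while this branch still returned plain text also stops matching after the change, and the commit shows no migration for it. At minimum the branch comment should state this, e.g. `// Fallback: unsalted SHA1, $salt is ignored here; values stored as plain text by older versions will no longer match`. The function body continues outside the hunk.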
@@ -67,7 +67,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 switch ($ret) {
 case "done":
- admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
+ admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define ('admin_registered', ", ");", "true", 0);
 if (!_FATAL) {
 // Registering is done
 LOAD_URL(URL."/modules.php?module=admin&action=login®ister=done");
@@ -91,7 +91,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 }
 if (!isBooleanConstantAndTrue('admin_registered')) {
 // Write to config that registration is done
- admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
+ admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define ('admin_registered', ", ");", "true", 0);
 // Load URL for login
 $URL = URL."/modules.php?module=admin&action=login";
@@ -161,6 +161,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 // Try to register the session variables
 if ((set_session("admin_md5", generatePassString(generateHash($_POST['pass'], __SALT)))) && (set_session("admin_login", $_POST['login'])) && (set_session("admin_last", time())) && (set_session("admin_to", $_POST['timeout']))) {
 // Construct URL and redirect
+ die("OK");
 $URL = URL."/modules.php?module=admin&";
 // Rewrite overview module
@@ -276,7 +277,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
 }
 } else {
 // Maybe an Admin want's to login?
- $ret = CHECK_ADMIN_COOKIES(SQL_ESCAPE(get_session('admin_login')), SQL_ESCAPE(get_session('admin_md5')));
+ $ret = CHECK_ADMIN_COOKIES('admin_login', 'admin_md5');
 switch ($ret) {
 case "done": // Cookie-Data accepted
diff --git a/inc/modules/admin/admin-inc.php b/inc/modules/admin/admin-inc.php
index 6aba44b398..ae5db92b5b 100644
--- a/inc/modules/admin/admin-inc.php
+++ b/inc/modules/admin/admin-inc.php
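Review bot: The prefix handed to admin_WriteData() changes from `"define('admin_registered', "` to `"define ('admin_registered', "`, here and again in the hunk at line 91, and that string appears to be what the function looks for in inc/config.php. A config.php written by an earlier version without the space would then not match, and the `!$found` branch visible in inc/modules/admin/admin-inc.php prints "CHANGE: 404!" and defines `_FATAL` as true, so registration is never marked as done. Either match both spellings or document the requirement at the call, e.g. `// config.php must already use "define ('admin_registered', ..." (with the space)`.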
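Review bot: `die("OK");` in the hunk at line 161 sits directly behind the successful set_session() chain, so a valid admin login now ends with the bare text OK and the redirect built from `$URL` on the following lines is never reached. It reads like a debugging leftover and should be dropped before this is merged. The enclosing if block continues outside the hunk.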
@@ -129,6 +129,11 @@ function CHECK_ADMIN_LOGIN ($admin_login, $password)
 // Only be executed on cookie checking
 function CHECK_ADMIN_COOKIES ($admin_login, $password) {
 global $cacheArray, $_CONFIG;
+
+ // Get login and password hash
+ $admin_login = SQL_ESCAPE(get_session($admin_login));
+ $password = SQL_ESCAPE(get_session($password));
+ $ret = "404"; $pass = "";
 if (!empty($cacheArray['admins']['aid'][$admin_login])) {
 // Get password from cache
@@ -199,17 +204,17 @@ function admin_WriteData ($file, $comment, $prefix, $suffix, $DATA, $seek=0)
 // Copy back tmp file and delete tmp :-)
 @copy($tmp, $file);
 @unlink($tmp);
- define('_FATAL', false);
+ define ('_FATAL', false);
 } elseif (!$found) {
 OUTPUT_HTML("CHANGE: 404!");
- define('_FATAL', true);
+ define ('_FATAL', true);
 } else {
 OUTPUT_HTML("TMP: UNDONE!");
- define('_FATAL', true);
+ define ('_FATAL', true);
 }
 }
 }
-- 
2.30.2
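Review bot: CHECK_ADMIN_COOKIES() now expects session key names (the caller in inc/modules/admin.php passes `'admin_login'` and `'admin_md5'`) but keeps the parameter names `$admin_login` and `$password` and overwrites them with the looked-up values, so the signature no longer tells a caller what to pass. A caller that still hands in the real login and hash would have them treated as session keys, and the check would presumably just fail without any hint. Rename the parameters, e.g. `function CHECK_ADMIN_COOKIES ($loginKey, $hashKey) {` with `$admin_login = SQL_ESCAPE(get_session($loginKey));`, and extend the comment above to `// Only be executed on cookie checking; expects session key names, not the values`. The function body continues outside the hunk.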