poppen · October 9, 2010 13:18
diff --git a/functions.inc.php.patch b/functions.inc.php.patch
 --- functions.inc.php.orig	2010-10-09 20:33:20.000000000 +0900
 +++ functions.inc.php	2010-10-09 22:16:43.000000000 +0900
 @@ -1132,7 +1132,8 @@
     $password = "";
     $salt = "";
 
 -    if ($CONF['encrypt'] == 'md5crypt') {
 +    if ( $CONF['encrypt'] == 'md5crypt' &&
 +        ( stripos($pw_db, '$') === 0 || empty($pw_db) )) {
         $split_salt = preg_split ('/\$/', $pw_db);
         if (isset ($split_salt[2])) {
             $salt = $split_salt[2];
 @@ -1237,6 +1238,18 @@
         }
     }
 
 +    elseif (preg_match('/^{.*}/', $pw_db)) {
 +        $result = preg_split('/{|}/', $pw_db, 3);
 +        $flavor = $result[1];  
 +        $salt = substr($result[2], 0, 2);
 +
 +        if (stripos($flavor, 'crypt') === 0) {
 +            $password = '{' . $flavor . '}' . crypt($pw, $salt);
 +        } else {
 +            die("Unknown flavor. Valid flavors is 'crypt'");
 +        }
 +    }
 +
     else {
         die ('unknown/invalid $CONF["encrypt"] setting: ' . $CONF['encrypt']);
     }
	--- functions.inc.php.orig 2010-10-09 20:33:20.000000000 +0900
	+++ functions.inc.php 2010-10-09 22:16:43.000000000 +0900
	@@ -1132,7 +1132,8 @@
	$password = "";
	$salt = "";

	- if ($CONF['encrypt'] == 'md5crypt') {
	+ if ( $CONF['encrypt'] == 'md5crypt' &&
	+ ( stripos($pw_db, '$') === 0 \|\| empty($pw_db) )) {
	$split_salt = preg_split ('/\$/', $pw_db);
	if (isset ($split_salt[2])) {
	$salt = $split_salt[2];
	@@ -1237,6 +1238,18 @@
	}
	}

	+ elseif (preg_match('/^{.*}/', $pw_db)) {
	+ $result = preg_split('/{\|}/', $pw_db, 3);
	+ $flavor = $result[1];
	+ $salt = substr($result[2], 0, 2);
	+
	+ if (stripos($flavor, 'crypt') === 0) {
	+ $password = '{' . $flavor . '}' . crypt($pw, $salt);
	+ } else {
	+ die("Unknown flavor. Valid flavors is 'crypt'");
	+ }
	+ }
	+
	else {
	die ('unknown/invalid $CONF["encrypt"] setting: ' . $CONF['encrypt']);
	}