Move security function into security.lib.php

Split security.lib.php into 2 files: One always loaded, the other for rare functions.
Dolibarr · Feb 12, 2012 · 036e578 · 036e578
1 parent 2a5f299
commit 036e578
Show file tree

Hide file tree

Showing 17 changed files with 942 additions and 880 deletions.
diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php
@@ -767,7 +767,8 @@ function setPassword($user, $password='', $isencrypted=0, $notrigger=0, $nosyncu
         // If new password not provided, we generate one
         if (! $password)
         {
-	        $password=getRandomPassword('');
+            require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
+            $password=getRandomPassword('');
         }
 
         // Cryptage mot de passe

diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php
@@ -706,7 +706,8 @@
     // Password
     if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED))
     {
-	    $generated_password=getRandomPassword('');
+        require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
+        $generated_password=getRandomPassword('');
         print '<tr><td><span class="fieldrequired">'.$langs->trans("Password").'</span></td><td>';
         print '<input size="30" maxsize="32" type="text" name="password" value="'.$generated_password.'">';
         print '</td></tr>';

diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php
@@ -24,6 +24,7 @@
 
 require("../main.inc.php");
 require_once(DOL_DOCUMENT_ROOT."/core/lib/admin.lib.php");
+require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
 
 $langs->load("users");
 $langs->load("admin");

diff --git a/htdocs/cashdesk/class/Auth.class.php b/htdocs/cashdesk/class/Auth.class.php
@@ -122,6 +122,7 @@ function verif($aLogin, $aPasswd)
 
         if ($test && $goontestloop)
         {
+            include_once(DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php');
 			$login = checkLoginPassEntity($usertotest,$passwordtotest,$entitytotest,$authmode);
             if ($login)
             {

diff --git a/htdocs/contact/canvas/actions_contactcard_common.class.php b/htdocs/contact/canvas/actions_contactcard_common.class.php
@@ -42,10 +42,10 @@ abstract class ActionsContactCardCommon
 	//! Error array
 	var $errors=array();
 
-	
+
 	/**
 	 * 	Instantiation of DAO class
-	 * 
+	 *
 	 * 	@return	void
 	 */
 	private function getInstanceDao()
@@ -66,7 +66,7 @@ private function getInstanceDao()
 	        }
 		}
 	}
-	
+
 	/**
      *  Get object
 	 *
@@ -76,7 +76,7 @@ private function getInstanceDao()
     function getObject($id)
     {
     	$ret = $this->getInstanceDao();
-    	
+
     	if (is_object($this->object) && method_exists($this->object,'fetch'))
     	{
     		if (! empty($id)) $this->object->fetch($id);
@@ -192,7 +192,7 @@ function doActions(&$action, $id)
         		Header("Location: ".$_SERVER["PHP_SELF"]."?id=".$this->object->id);
         		exit;
         	}
-        	
+
             if (empty($_POST["name"]))
             {
                 $this->error=array($langs->trans("ErrorFieldRequired",$langs->transnoentities("Name").' / '.$langs->transnoentities("Label")));
@@ -391,21 +391,22 @@ function assign_values(&$action)
 
             $this->tpl['note'] = nl2br($this->object->note);
         }
-        
+
         if ($action == 'create_user')
         {
         	// Full firstname and name separated with a dot : firstname.name
         	include_once(DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php');
+            require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
         	$login=dol_buildlogin($this->object->nom, $this->object->prenom);
-        	
+
        		$generated_password=getRandomPassword('');
         	$password=$generated_password;
-        	
+
         	// Create a form array
         	$formquestion=array(
         	array('label' => $langs->trans("LoginToCreate"), 'type' => 'text', 'name' => 'login', 'value' => $login),
         	array('label' => $langs->trans("Password"), 'type' => 'text', 'name' => 'password', 'value' => $password));
-        	
+
         	$this->tpl['action_create_user'] = $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$this->object->id,$langs->trans("CreateDolibarrLogin"),$langs->trans("ConfirmCreateContact"),"confirm_create_user",$formquestion,'no');
         }
     }

diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php
@@ -705,7 +705,8 @@
             $generated_password='';
             if (! $ldap_sid) // TODO ldap_sid ?
             {
-	        	$generated_password=getRandomPassword('');
+                require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
+                $generated_password=getRandomPassword('');
             }
             $password=$generated_password;
 

diff --git a/htdocs/core/ajax/security.php b/htdocs/core/ajax/security.php
@@ -43,11 +43,12 @@
 //print '<!-- Ajax page called with url '.$_SERVER["PHP_SELF"].'?'.$_SERVER["QUERY_STRING"].' -->'."\n";
 
 // Registering the location of boxes
-if(isset($_GET['action']) && ! empty($_GET['action']))
+if (isset($_GET['action']) && ! empty($_GET['action']))
 {
 	if ($_GET['action'] == 'getrandompassword' && $user->admin)
 	{
-		$generic = $_GET['generic'];
+        require_once(DOL_DOCUMENT_ROOT."/core/lib/security2.lib.php");
+	    $generic = $_GET['generic'];
 		echo getRandomPassword($generic);
 	}
 }