Added CRYPT_FULL_SALT authentication.

git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@941 f5dc347c-c33d-0410-90a0-b07cc1902cb9

constant_inc.php

@@ -81,11 +81,12 @@
 	define( "UNREAD",   202 );
 
 	# login methods
-	define( "PLAIN",	  0 );
-	define( "CRYPT",	  1 );
-	define( "MD5",		  2 );
-	define( "LDAP",		  3 );
-	define( "BASIC_AUTH", 4 );
+	define( "PLAIN",	       0 );
+	define( "CRYPT",	       1 );
+	define( "CRYPT_FULL_SALT", 2 );
+	define( "MD5",		       3 );
+	define( "LDAP",		       4 );
+	define( "BASIC_AUTH",      5 );
 
 	# file upload methods
 	define( "DISK",       1 );

core_user_API.php

@@ -146,6 +146,13 @@ function is_password_match( $f_username, $p_test_password, $p_password ) {
 						} else {
 							return false;
 						}
+			case CRYPT_FULL_SALT:
+						$salt = $p_password;
+						if ( crypt( $p_test_password, $salt ) == $p_password ) {
+							return true;
+						} else {
+							return false;
+						}
 			case PLAIN:	if ( $p_test_password == $p_password ) {
 							return true;
 						} else {
@@ -185,6 +192,9 @@ function process_plain_password( $p_password ) {
 		switch ( $g_login_method ) {
 			case CRYPT:	$salt = substr( $p_password, 0, 2 );
 						return crypt( $p_password, $salt );
+			case CRYPT_FULL_SALT:
+						$salt = $p_password;
+						return crypt( $p_password, $salt );
 			case PLAIN:	return $p_password;
 			case MD5:	return md5( $p_password );
 			default:	return $p_password;

css_inc.php

@@ -60,6 +60,7 @@
 tr.spacer			{ background-color: <?php echo $g_spacer_color ?>; color: <?php echo $g_font_color ?>; }
 tr.row-category		{ background-color: <?php echo $g_category_title_color ?>; color: <?php echo $g_font_color ?>; font-weight: bold; }
 tr.row-category2	{ background-color: <?php echo $g_category_title_color ?>; color: <?php echo $g_font_color ?>; }
+tr.print			{ vertical-align: top; }
 tr.print-category	{ color: <?php echo $g_font_color ?>; font-weight: bold; }
 
 td.login-info-left	{ width: 33%; padding: 0px; text-align: left; }

doc/ChangeLog

@@ -76,6 +76,7 @@ Mantis
  * Added g_strip_bare_lf to toggle use of make_lf_crlf().
  * Added priority reporting on the report form for developers.
  * Added project category copy.
+ * Added CRYPT_FULL_SALT authentication.
  * Removed access_min and access threshold concepts from the user and project management.
  * Removed extra "echo" in news archive page.
  * Removed proj_user_delete_page.php.

doc/configuration.html

@@ -1181,10 +1181,11 @@ <h2>Content</h2>
 		<ul>
 			<li>PLAIN
 			<li>CRYPT
+			<li>CRYPT_FULL_SALT
 			<li>MD5
 			<li>BASIC_AUTH
 		</ul>
-		Some systems (mostly non-unix) do not have crypt support in PHP.  MD5 will accomplish almost the same thing.  PLAIN is plain text and there is no attempt to secure the password in the database.  You will not be able to easily convert between encryption methods so this needs to be chosen at install time.  CRYPT was the default until 0.17.0; MD5 is now the default.
+		Some systems (mostly non-unix) do not have crypt support in PHP.  MD5 will accomplish almost the same thing.  PLAIN is plain text and there is no attempt to secure the password in the database.  You will not be able to easily convert between encryption methods so this needs to be chosen at install time.  CRYPT was the default until 0.17.0; MD5 is now the default.  Try CRYPT_FULL_SALT if CRYPT is not working.
 	</td>
 </tr>
 <tr>