Browse files

Revert "MDL-31248 - lib - Alteration to the rc4encrypt function to al…

…low for old password use."

This reverts commit 6f3e759.
  • Loading branch information...
1 parent 009d721 commit be0b3ea0ea30d1e5e3b48ea0d31403c6e5973c5b @stronk7 stronk7 committed Mar 9, 2012
Showing with 13 additions and 31 deletions.
  1. +10 −20 lib/moodlelib.php
  2. +3 −11 lib/sessionlib.php
View
30 lib/moodlelib.php
@@ -7267,35 +7267,25 @@ protected function prepare_emoticon_object($text, $imagename, $altidentifier = n
*
* @todo Finish documenting this function
*
- * @param string $data Data to encrypt.
- * @param bool $usesecurekey Lets us know if we are using the old or new password.
- * @return string The now encrypted data.
+ * @param string $data Data to encrypt
+ * @return string The now encrypted data
*/
-function rc4encrypt($data, $usesecurekey = false) {
- if (!$usesecurekey) {
- $passwordkey = 'nfgjeingjk';
- } else {
- $passwordkey = get_site_identifier();
- }
- return endecrypt($passwordkey, $data, '');
+function rc4encrypt($data) {
+ $password = get_site_identifier();
+ return endecrypt($password, $data, '');
}
/**
* rc4decrypt
*
* @todo Finish documenting this function
*
- * @param string $data Data to decrypt.
- * @param bool $usesecurekey Lets us know if we are using the old or new password.
- * @return string The now decrypted data.
+ * @param string $data Data to decrypt
+ * @return string The now decrypted data
*/
-function rc4decrypt($data, $usesecurekey = false) {
- if (!$usesecurekey) {
- $passwordkey = 'nfgjeingjk';
- } else {
- $passwordkey = get_site_identifier();
- }
- return endecrypt($passwordkey, $data, 'de');
+function rc4decrypt($data) {
+ $password = get_site_identifier();
+ return endecrypt($password, $data, 'de');
}
/**
View
14 lib/sessionlib.php
@@ -1023,7 +1023,7 @@ function set_moodle_cookie($username) {
if ($username !== '') {
// set username cookie for 60 days
- setcookie($cookiename, rc4encrypt($username, true), time()+(DAYSECS*60), $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure, $CFG->cookiehttponly);
+ setcookie($cookiename, rc4encrypt($username), time()+(DAYSECS*60), $CFG->sessioncookiepath, $CFG->sessioncookiedomain, $CFG->cookiesecure, $CFG->cookiehttponly);
}
}
@@ -1048,18 +1048,10 @@ function get_moodle_cookie() {
if (empty($_COOKIE[$cookiename])) {
return '';
} else {
- $username = rc4decrypt($_COOKIE[$cookiename], true);
- if ($username != clean_param($username, PARAM_USERNAME)) {
- $username = rc4decrypt($_COOKIE[$cookiename]);
- if ($username == clean_param($username, PARAM_USERNAME)) {
- set_moodle_cookie($username);
- } else {
- $username = '';
- }
- }
+ $username = rc4decrypt($_COOKIE[$cookiename]);
if ($username === 'guest' or $username === 'nobody') {
// backwards compatibility - we do not set these cookies any more
- $username = '';
+ return '';
}
return $username;
}

0 comments on commit be0b3ea

Please sign in to comment.