diff --git a/bureau/class/m_ftp.php b/bureau/class/m_ftp.php index 74b02788..11566a79 100644 --- a/bureau/class/m_ftp.php +++ b/bureau/class/m_ftp.php @@ -321,7 +321,7 @@ class m_ftp { return false; // The error has been raised by checkPolicy() } } - $encrypted_password = _md5cr($pass, strrev(microtime(true))); + $encrypted_password = _sha512cr($pass); $db->query("UPDATE ftpusers SET name= ? , password='', encrypted_password= ?, homedir= ?, uid= ? WHERE id= ?;", array($full_login, $encrypted_password, $absolute, $cuid, $id)); } else { $db->query("UPDATE ftpusers SET name= ? , homedir= ? , uid= ? WHERE id= ? ;", array($full_login, $absolute, $cuid, $id)); @@ -406,7 +406,7 @@ class m_ftp { } if ($quota->cancreate("ftp")) { - $encrypted_password = _md5cr($pass, strrev(microtime(true))); + $encrypted_password = _sha512cr($pass); $db->query("INSERT INTO ftpusers (name,password, encrypted_password,homedir,uid) VALUES ( ?, '', ?, ?, ?)", array($full_login, $encrypted_password, $absolute, $cuid)); return true; } else { diff --git a/install/mysql.sql b/install/mysql.sql index a41fa6f0..cc3f1d07 100644 --- a/install/mysql.sql +++ b/install/mysql.sql @@ -129,7 +129,7 @@ CREATE TABLE IF NOT EXISTS ftpusers ( id int(10) unsigned NOT NULL auto_increment, name varchar(64) NOT NULL default '', password varchar(32) NOT NULL default '', - encrypted_password VARCHAR(32) default NULL, + encrypted_password VARCHAR(255) default NULL, homedir varchar(128) NOT NULL default '', uid int(10) unsigned NOT NULL default '0', enabled boolean NOT NULL DEFAULT TRUE, diff --git a/install/upgrades/3.4.11.sql b/install/upgrades/3.4.11.sql index 7f922d97..643d3bc8 100644 --- a/install/upgrades/3.4.11.sql +++ b/install/upgrades/3.4.11.sql @@ -1 +1,2 @@ ALTER TABLE `membres` MODIFY `pass` varchar(255); +ALTER TABLE `ftpusers` MODIFY `encrypted_password` varchar(255);