mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-03 21:27:25 +02:00
Code Issues Releases Wiki Activity

Fixes #1984 Disable CHAP when SSL is enabled or encryption method is not legacy MD5

Browse Source
This commit is contained in:
Cameron
2017-03-21 12:29:05 -07:00
parent 2fabda120f
commit 329095336e
3 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
e107_admin/prefs.php
View File

@@ -96,6 +96,12 @@ if(isset($_POST['updateprefs']))
$mes->addError(PRFLAN_211);
}
if(!empty($_POST['passwordEncoding']) || !empty($_POST['ssl_enabled']))
{
$_POST['password_CHAP'] = 0; // disable chap unless using md5 without SSL.
}
// Table of range checking values - min and max for numerics. Only do the important ones
$pref_limits = array('loginname_maxlength' => array('min' => 10, 'max' => 100, 'default' => 30),
'displayname_maxlength' => array('min' => 5, 'max' => 100, 'default' => 15),
@@ -1427,7 +1433,10 @@ $text .= "
$text .= "
<td><label for='password-chap'>".PRFLAN_178."</label></td>
<td>".$frm->select('password_CHAP',$CHAP_list,$pref['password_CHAP'] );
<td>";
$CHAPopt = !empty($pref['ssl_enabled']) || !empty($pref['passwordEncoding']) ? array('disabled'=>1) : null;
$text .= $frm->select('password_CHAP',$CHAP_list,$pref['password_CHAP'], $CHAPopt );
//." ".$frm->select_open('password_CHAP');
//TODO - user tracking session name - visible only if Cookie is enabled (JS)

2
e107_themes/bootstrap3/admin_style.css
View File

@@ -1545,7 +1545,7 @@ body#admin-menus #sc-admin-help .panel-body {
overflow-y:scroll;
}
.form-control[disabled] { opacity: 0.5; }

4
e107_web/js/core/admin.jquery.js
View File

@@ -775,10 +775,14 @@ $(document).ready(function()
$(selector).toggle();
// $('.menu-selector input[type="checkbox"]').removeAttr("checked");
return false;
});
$(".e-mm-selector li input").click(function(e){
$("ul.dropdown-menu.e-mm-selector").css('display','none');