#i43

git-svn-id: file:///svn/phpbb/trunk@8143 89ea8834-ac86-4346-8a33-228a782c2dd0
2025-05-05 23:25:30 +02:00 · 2007-10-05 13:14:58 +00:00 · 2007-10-05 13:14:58 +00:00 · 7baf3ed140
commit 7baf3ed140
parent 56b6195563
5 changed files with 52 additions and 6 deletions
--- a/phpBB/adm/style/acp_forums.html
+++ b/phpBB/adm/style/acp_forums.html
@ -160,12 +160,18 @@
 	</dl>
 	<dl>
 		<dt><label for="forum_password">{L_FORUM_PASSWORD}:</label><br /><span>{L_FORUM_PASSWORD_EXPLAIN}</span></dt>
-		<dd><input type="password" id="forum_password" name="forum_password" value="{FORUM_PASSWORD}" /></dd>
+		<dd><input type="password" id="forum_password" name="forum_password" value="<!-- IF S_FORUM_PASSWORD_SET -->&#x20;&#x20;&#x20;&#x20;&#x20;&#x20;<!-- ENDIF -->" /></dd>
 	</dl>
 	<dl>
 		<dt><label for="forum_password_confirm">{L_FORUM_PASSWORD_CONFIRM}:</label><br /><span>{L_FORUM_PASSWORD_CONFIRM_EXPLAIN}</span></dt>
-		<dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="{FORUM_PASSWORD_CONFIRM}" /></dd>
+		<dd><input type="password" id="forum_password_confirm" name="forum_password_confirm" value="<!-- IF S_FORUM_PASSWORD_SET -->&#x20;&#x20;&#x20;&#x20;&#x20;&#x20;<!-- ENDIF -->" /></dd>
 	</dl>
+	<!-- IF S_FORUM_PASSWORD_SET -->
+	<dl>
+		<dt><label for="forum_password_unset">{L_FORUM_PASSWORD_UNSET}:</label><br /><span>{L_FORUM_PASSWORD_UNSET_EXPLAIN}</span></dt>
+		<dd><input id="forum_password_unset" name="forum_password_unset" type="checkbox" /></dd>
+	</dl>
+	<!-- ENDIF -->
 	<dl>
 		<dt><label for="forum_style">{L_FORUM_STYLE}:</label></dt>
 		<dd><select id="forum_style" name="forum_style"><option value="0">{L_DEFAULT_STYLE}</option>{S_STYLES_OPTIONS}</select></dd>
--- a/phpBB/includes/acp/acp_forums.php
+++ b/phpBB/includes/acp/acp_forums.php
@ -140,6 +140,7 @@ class acp_forums
 						'prune_sticky'			=> request_var('prune_sticky', false),
 						'forum_password'		=> request_var('forum_password', '', true),
 						'forum_password_confirm'=> request_var('forum_password_confirm', '', true),
+						'forum_password_unset'	=> request_var('forum_password_unset', false),
 					);

 					// Use link_display_on_index setting if forum type is link
@ -603,6 +604,11 @@ class acp_forums
 						}
 					}
 				}
+				
+				if (strlen($forum_data['forum_password']) == 32)
+				{
+					$errors[] = 'FORUM_PASSWORD_OLD';
+				}

 				$template->assign_vars(array(
 					'S_EDIT_FORUM'		=> true,
@ -629,8 +635,6 @@ class acp_forums
 					'PRUNE_DAYS'				=> $forum_data['prune_days'],
 					'PRUNE_VIEWED'				=> $forum_data['prune_viewed'],
 					'TOPICS_PER_PAGE'			=> $forum_data['forum_topics_per_page'],
-					'FORUM_PASSWORD'			=> $forum_data['forum_password'],
-					'FORUM_PASSWORD_CONFIRM'	=> $forum_data['forum_password_confirm'],
 					'FORUM_RULES_LINK'			=> $forum_data['forum_rules_link'],
 					'FORUM_RULES'				=> $forum_data['forum_rules'],
 					'FORUM_RULES_PREVIEW'		=> $forum_rules_preview,
@ -638,6 +642,7 @@ class acp_forums
 					'S_BBCODE_CHECKED'			=> ($forum_rules_data['allow_bbcode']) ? true : false,
 					'S_SMILIES_CHECKED'			=> ($forum_rules_data['allow_smilies']) ? true : false,
 					'S_URLS_CHECKED'			=> ($forum_rules_data['allow_urls']) ? true : false,
+					'S_FORUM_PASSWORD_SET'		=> (empty($forum_data['forum_password'])) ? false : true,

 					'FORUM_DESC'				=> $forum_desc_data['text'],
 					'S_DESC_BBCODE_CHECKED'		=> ($forum_desc_data['allow_bbcode']) ? true : false,
@ -938,7 +943,22 @@ class acp_forums
 		{
 			return $errors;
 		}
-
+ 
+ 		// As we don't know the old password, it's kinda tricky to detect changes
+		if ($forum_data_sql['forum_password_unset'])
+		{
+			$forum_data_sql['forum_password'] = '';
+		}
+		else if (empty($forum_data_sql['forum_password']))
+		{
+			unset($forum_data_sql['forum_password']);
+		}
+		else
+		{
+			$forum_data_sql['forum_password'] = phpbb_hash($forum_data_sql['forum_password']);
+		}
+		unset($forum_data_sql['forum_password_unset']);
+		
 		if (!isset($forum_data_sql['forum_id']))
 		{
 			// no forum_id means we're creating a new forum
--- a/phpBB/includes/functions.php
+++ b/phpBB/includes/functions.php
@ -2457,7 +2457,7 @@ function login_forum_box($forum_data)
 		}
 		$db->sql_freeresult($result);

-		if ($password == $forum_data['forum_password'])
+		if (phpbb_check_hash($password, $forum_data['forum_password']))
 		{
 			$sql_ary = array(
 				'forum_id'		=> (int) $forum_data['forum_id'],
--- a/phpBB/install/database_update.php
+++ b/phpBB/install/database_update.php
@ -1551,6 +1551,23 @@ if (version_compare($current_version, '3.0.RC5', '<='))
 	set_config('form_token_lifetime', '7200');
 	set_config('form_token_mintime', '0');

+	$db->sql_transaction('begin');
+
+	$sql = 'SELECT forum_id, forum_password
+			FROM ' . FORUMS_TABLE;
+	$result = _sql($sql, $errored, $error_ary);
+	
+	while ($row = $db->sql_fetchrow($result))
+	{
+		if (!empty($row['forum_password']))
+		{
+			_sql('UPDATE ' . FORUMS_TABLE . " SET forum_password = '" . md5($row['forum_password']) . "' WHERE forum_id = {$row['forum_id']}", $errored, $error_ary);
+		}
+	}
+	$db->sql_freeresult($result);
+	
+	$db->sql_transaction('commit');
+
 	$no_updates = false;
 }

--- a/phpBB/language/en/acp/forums.php
+++ b/phpBB/language/en/acp/forums.php
@ -91,6 +91,9 @@ $lang = array_merge($lang, array(
 	'FORUM_PASSWORD_CONFIRM'			=> 'Confirm forum password',
 	'FORUM_PASSWORD_CONFIRM_EXPLAIN'	=> 'Only needs to be set if a forum password is entered.',
 	'FORUM_PASSWORD_EXPLAIN'			=> 'Defines a password for this forum, use the permission system in preference.',
+	'FORUM_PASSWORD_UNSET'				=> 'Remove forum password',
+	'FORUM_PASSWORD_UNSET_EXPLAIN'		=> 'Check here if you want to remove the forum password.',
+	'FORUM_PASSWORD_OLD'				=> 'The forum password is using an old encryption and should be changed.',
 	'FORUM_PASSWORD_MISMATCH'			=> 'The passwords you entered did not match.',
 	'FORUM_PRUNE_SETTINGS'				=> 'Forum prune settings',
 	'FORUM_RESYNCED'					=> 'Forum “%s” successfully resynced',