From 333523d1e341e55d85247c1215eedefd9756fd62 Mon Sep 17 00:00:00 2001
From: prasad <prasad@vtiger.com>
Date: Fri, 20 Apr 2018 20:50:28 +0530
Subject: [PATCH] Added protection to SMSNotifier credential

---
 .../SMSNotifier/modules/SMSNotifier/SMSNotifier.php      | 3 ++-
 .../modules/SMSNotifier/settings/models/Record.php       | 9 ++++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/SMSNotifier.php b/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/SMSNotifier.php
index 405084f38..64e17a877 100644
--- a/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/SMSNotifier.php
+++ b/pkg/vtiger/modules/SMSNotifier/modules/SMSNotifier/SMSNotifier.php
@@ -271,7 +271,8 @@ class SMSNotifierManager {
 			foreach($parameters as $k=>$v) {
 				$provider->setParameter($k, $v);
 			}
-			$provider->setAuthParameters($resultrow['username'], $resultrow['password']);
+			$password = Vtiger_Functions::fromProtectedText($resultrow['password']);
+			$provider->setAuthParameters($resultrow['username'], $password);
 
 			return $provider;
 		}
diff --git a/pkg/vtiger/modules/SMSNotifier/settings/models/Record.php b/pkg/vtiger/modules/SMSNotifier/settings/models/Record.php
index d3c3e623c..63f4866b4 100644
--- a/pkg/vtiger/modules/SMSNotifier/settings/models/Record.php
+++ b/pkg/vtiger/modules/SMSNotifier/settings/models/Record.php
@@ -121,7 +121,14 @@ class Settings_SMSNotifier_Record_Model extends Settings_Vtiger_Record_Model {
 	public function save() {
 		$db = PearDatabase::getInstance();
 
-		$params = array($this->get('providertype'), $this->get('isactive'), $this->get('username'), $this->get('password'), $this->get('parameters'));
+		$password = $this->get('password');
+		if ($id && !Vtiger_Functions::isProtectedText($password)) {
+			$password = Vtiger_Functions::toProtectedText($password);
+		} else {
+			$password = Vtiger_Functions::toProtectedText($password);
+		}
+
+		$params = array($this->get('providertype'), $this->get('isactive'), $this->get('username'), $password, $this->get('parameters'));
 		$id = $this->getId();
 
 		if ($id) {
-- 
GitLab