diff --git a/include/utils/ListViewUtils.php b/include/utils/ListViewUtils.php index 3110433b00651b224d807b4b1eb5efd78f039095..0ef21b7d773caffc5422394f5e4a0f98afbdc746 100755 --- a/include/utils/ListViewUtils.php +++ b/include/utils/ListViewUtils.php @@ -825,17 +825,4 @@ function counterValue() { return $counter; } -function getUsersPasswordInfo(){ - global $adb; - $sql = "SELECT user_name, user_hash FROM vtiger_users WHERE deleted=?"; - $result = $adb->pquery($sql, array(0)); - $usersList = array(); - for ($i=0; $i<$adb->num_rows($result); $i++) { - $userList['name'] = $adb->query_result($result, $i, "user_name"); - $userList['hash'] = $adb->query_result($result, $i, "user_hash"); - $usersList[] = $userList; - } - return $usersList; -} - ?> diff --git a/modules/Migration/schema/710_to_711.php b/modules/Migration/schema/710_to_711.php new file mode 100644 index 0000000000000000000000000000000000000000..118c9656b703ef65da2846164ffed30cbeb41830 --- /dev/null +++ b/modules/Migration/schema/710_to_711.php @@ -0,0 +1,20 @@ +<?php +/*+******************************************************************************** + * The contents of this file are subject to the vtiger CRM Public License Version 1.0 + * ("License"); You may not use this file except in compliance with the License + * The Original Code is: vtiger CRM Open Source + * The Initial Developer of the Original Code is vtiger. + * Portions created by vtiger are Copyright (C) vtiger. + * All Rights Reserved. + *********************************************************************************/ + +if (defined('VTIGER_UPGRADE')) { + global $current_user, $adb; + $db = PearDatabase::getInstance(); + + // Remove unused column from user table + $columns = $db->getColumnNames('vtiger_users'); + if (in_array('user_hash', $columns)) { + $db->pquery('ALTER TABLE vtiger_users DROP COLUMN user_hash', array()); + } +} 
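Review bot: In the new `modules/Migration/schema/710_to_711.php`, the result of the `pquery` that drops `user_hash` is ignored, so a failed ALTER TABLE would leave the unsalted MD5 password digests in `vtiger_users` while the migration appears to succeed. Consider the four-argument form that the removed Users.php code used, `$db->pquery('ALTER TABLE vtiger_users DROP COLUMN user_hash', array(), true, 'Error dropping user_hash column: ');`, assuming `PearDatabase::pquery` takes the same die-on-error arguments here, or re-read `getColumnNames` afterwards and abort if the column is still present. `global $current_user, $adb;` is unused because the block works only through `$db`, and the membership test is safer as `in_array('user_hash', $columns, true)`. Dropping the column does not remove digests already copied into database backups or exports, so the upgrade notes should probably recommend a password reset for accounts whose `user_hash` was populated.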
diff --git a/modules/Users/Users.php b/modules/Users/Users.php index 2f1fafce982fa43896f509d1a8c8a746b9f07aa8..0a94f946be6bffe78b8c5e0e49dbe13065070fdb 100755 --- a/modules/Users/Users.php +++ b/modules/Users/Users.php @@ -249,11 +249,6 @@ class Users extends CRMEntity { } - protected function get_user_hash($input) { - return strtolower(md5($input)); - } - - /** * @return string encrypted password for storage in DB and comparison against DB password. * @param string $user_name - Must be non null and at least 2 characters @@ -291,25 +286,6 @@ class Users extends CRMEntity { } - /** Function to authenticate the current user with the given password - * @param $password -- password::Type varchar - * @returns true if authenticated or false if not authenticated - */ - function authenticate_user($password) { - $usr_name = $this->column_fields["user_name"]; - - $query = "SELECT * from $this->table_name where user_name=? AND user_hash=?"; - $params = array($usr_name, $password); - $result = $this->db->requirePsSingleResult($query, $params, false); - - if(empty($result)) { - $this->log->fatal("SECURITY: failed login by $usr_name"); - return false; - } - - return true; - } - /** Function for validation check * */ @@ -437,13 +413,6 @@ class Users extends CRMEntity { $this->column_fields = $row; $this->id = $row['id']; - $user_hash = $this->get_user_hash($user_password); - - // If there is no user_hash is not present or is out of date, then create a new one. - if(!isset($row['user_hash']) || $row['user_hash'] != $user_hash) { - $query = "UPDATE $this->table_name SET user_hash=? where id=?"; - $this->db->pquery($query, array($user_hash, $row['id']), true, "Error setting new hash for {$row['user_name']}: "); - } $this->loadPreferencesFromDB($row['user_preferences']); 
@@ -530,16 +499,14 @@ class Users extends CRMEntity { //to make entity delta available for aftersave handlers $this->triggerBeforeSaveEventHandlers(); - $user_hash = $this->get_user_hash($new_password); - //set new password $crypt_type = $this->DEFAULT_PASSWORD_CRYPT_TYPE; $encrypted_new_password = $this->encrypt_password($new_password, $crypt_type); - $query = "UPDATE $this->table_name SET user_password=?, confirm_password=?, user_hash=?, ". + $query = "UPDATE $this->table_name SET user_password=?, confirm_password=?, ". "crypt_type=? where id=?"; $this->db->pquery($query, array($encrypted_new_password, $encrypted_new_password, - $user_hash, $crypt_type, $this->id)); + $crypt_type, $this->id)); if($this->db->hasFailedTransaction()) { if($dieOnError) { die("error setting new password: [".$this->db->database->ErrorNo()."] ". @@ -548,11 +515,6 @@ class Users extends CRMEntity { return false; } - // Fill up the post-save state of the instance. - if (empty($this->column_fields['user_hash'])) { - $this->column_fields['user_hash'] = $user_hash; - } - $this->column_fields['user_password'] = $encrypted_new_password; $this->column_fields['confirm_password'] = $encrypted_new_password; @@ -883,7 +845,6 @@ class Users extends CRMEntity { $this->column_fields[$fieldname] = $fldvalue; $this->column_fields[$fieldname.'_plain'] = $plain_text; $this->column_fields['crypt_type'] = $crypt_type; - $this->column_fields['user_hash'] = $this->get_user_hash($plain_text); } else { $fldvalue = $this->column_fields[$fieldname]; @@ -961,11 +922,6 @@ class Users extends CRMEntity { } // END - if($table_name == 'vtiger_users' && strpos('user_hash', $column) === false) { - $column .= ', user_hash'; - $qparams[] = $this->column_fields['user_hash']; - } - $sql1 = "insert into $table_name ($column) values(". generateQuestionMarks($qparams) .")"; $this->db->pquery($sql1, $qparams); } 
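Review bot: In the change-password hunk (`@@ -530,16 +499,14 @@`) the UPDATE statement is still built from two concatenated literals although it now fits on one line. Writing it as `$query = "UPDATE $this->table_name SET user_password=?, confirm_password=?, crypt_type=? where id=?";` keeps the four placeholders visibly in step with the four bound values (`$encrypted_new_password` twice, `$crypt_type`, `$this->id`). A short comment above the query, such as `// only the crypt_type-encrypted password is stored; no secondary digest is kept`, would record why `user_hash` is gone. The enclosing method starts and ends outside this hunk.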
diff --git a/modules/Users/actions/SaveAjax.php b/modules/Users/actions/SaveAjax.php index 8c01e6e385617c456b0c91f6b4e30518f1d0b05e..f5edb385de356545ee057843b21fdbb8694634a6 100644 --- a/modules/Users/actions/SaveAjax.php +++ b/modules/Users/actions/SaveAjax.php @@ -137,7 +137,6 @@ class Users_SaveAjax_Action extends Vtiger_SaveAjax_Action { $recordModel->set('status', 'Active'); $recordModel->set('id', $record); $recordModel->set('mode', 'edit'); - $recordModel->set('user_hash', $recordModel->getUserHash()); $recordModel->save(); $db = PearDatabase::getInstance(); @@ -213,4 +212,4 @@ class Users_SaveAjax_Action extends Vtiger_SaveAjax_Action { } $response->emit(); } -} \ No newline at end of file +} diff --git a/modules/Users/models/Module.php b/modules/Users/models/Module.php index 4c8827db47eb0064ad3267c364f91289f8ab458a..150d45865762eee27f72a4688f0578b9f8f42134 100644 --- a/modules/Users/models/Module.php +++ b/modules/Users/models/Module.php @@ -250,10 +250,6 @@ class Users_Module_Model extends Vtiger_Module_Model { } } - $user_hash = $recordModel->get('user_hash'); - if (!empty($user_hash)) - $focus->column_fields['user_hash'] = $user_hash; - $focus->mode = $recordModel->get('mode'); $focus->id = $recordModel->getId(); $focus->save($moduleName); diff --git a/modules/Users/models/Record.php b/modules/Users/models/Record.php index 65eed79506877702530ad69329eeda11d7abb2e6..3c13332b3d08745c704a566fca86956590c4cdd4 100644 --- a/modules/Users/models/Record.php +++ b/modules/Users/models/Record.php 
@@ -759,21 +759,6 @@ class Users_Record_Model extends Vtiger_Record_Model { return false; } - /** - * Function to get the user hash - * @param type $userId - * @return boolean - */ - public function getUserHash() { - $db = PearDatabase::getInstance(); - $query = 'SELECT user_hash FROM vtiger_users WHERE id = ?'; - $result = $db->pquery($query, array($this->getId())); - if($db->num_rows($result) > 0){ - return $db->query_result($result, 0, 'user_hash'); - - } - } - /* * Function to delete user permanemtly from CRM and * assign all record which are assigned to that user diff --git a/schema/DatabaseSchema.xml b/schema/DatabaseSchema.xml index d266c2d97bdd767df2e03ec92a1e1b9d3134ad48..efbe43015572397abad1af132e80d07674413a35 100644 --- a/schema/DatabaseSchema.xml +++ b/schema/DatabaseSchema.xml @@ -8,7 +8,6 @@ </field> <field name="user_name" type="C" size="255" /> <field name="user_password" type="C" size="200" /> - <field name="user_hash" type="C" size="32" /> <field name="cal_color" type="C" size="25"> <default value="#E6FAD8" /> </field>