Customer portal password encrypted with md5

010dcbf6 · Prasad · 1cbbf87e · 010dcbf6 · 010dcbf6 · 010dcbf6
Commit 010dcbf6 authored 9 years ago by Prasad
--- a/modules/Contacts/ContactsHandler.php
+++ b/modules/Contacts/ContactsHandler.php
@@ -14,7 +14,8 @@ function Contacts_sendCustomerPortalLoginDetails($entityData){
 	$wsId = $entityData->getId();
 	$parts = explode('x', $wsId);
 	$entityId = $parts[1];
-
+	$entityDelta = new VTEntityDelta();
+	$portalChanged = $entityDelta->hasChanged($moduleName, $entityId, 'portal');
 	$email = $entityData->get('email');

 	if ($entityData->get('portal') == 'on' || $entityData->get('portal') == '1') {
@@ -29,9 +30,8 @@ function Contacts_sendCustomerPortalLoginDetails($entityData){
 			if($email == $dbusername && $isactive == 1 && !$entityData->isNew()){
 				$update = false;
 			} else if($entityData->get('portal') == 'on' ||  $entityData->get('portal') == '1'){
-				$sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=1 WHERE id=?";
-				$adb->pquery($sql, array($email, $entityId));
-				$password = $adb->query_result($result,0,'user_password');
+				$sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?";
+				$adb->pquery($sql, array($email, 1, $entityId));
 				$update = true;
 			} else {
 				$sql = "UPDATE vtiger_portalinfo SET user_name=?, isactive=? WHERE id=?";
@@ -39,19 +39,38 @@ function Contacts_sendCustomerPortalLoginDetails($entityData){
 				$update = false;
 			}
 		}
-		if($insert == true){
-			$password = makeRandomPassword();
+		$password = makeRandomPassword();
+		$md5_password = md5($password);
+		if ($insert == true) {
 			$sql = "INSERT INTO vtiger_portalinfo(id,user_name,user_password,type,isactive) VALUES(?,?,?,?,?)";
-			$params = array($entityId, $email, $password, 'C', 1);
+			$params = array($entityId, $email, $md5_password, 'C', 1);
 			$adb->pquery($sql, $params);
 		}
-
-		if($insert == true || $update == true) {
+		if ($update == true && $portalChanged == true) {
+			$sql = "UPDATE vtiger_portalinfo SET user_password=? WHERE id=?";
+			$params = array($md5_password, $entityId);
+			$adb->pquery($sql, $params);
+		}
+		if (($insert == true || ($update = true && $portalChanged == true)) && $entityData->get('emailoptout') == 0) {
 			global $current_user,$HELPDESK_SUPPORT_EMAIL_ID, $HELPDESK_SUPPORT_NAME;
 			require_once("modules/Emails/mail.php");
 			$emailData = Contacts::getPortalEmailContents($entityData,$password,'LoginDetails');
 			$subject = $emailData['subject'];
+            if(empty($subject)) {
+                $subject = 'Customer Portal Login Details';
+            }
 			$contents = $emailData['body'];
+            $contents= decode_html(getMergedDescription($contents, $entityId, 'Contacts'));
+            if(empty($contents)) {
+				require_once 'config.inc.php';
+				global $PORTAL_URL;
+                $contents = 'LoginDetails';
+                $contents .= "<br><br> User ID : ".$entityData->get('email');
+                $contents .= "<br> Password: ".$password;
+				$portalURL = vtranslate('Please ',$moduleName).'<a href="'.$PORTAL_URL.'" style="font-family:Arial, Helvetica, sans-serif;font-size:13px;">'.  vtranslate('click here', $moduleName).'</a>';
+				$contents .= "<br>".$portalURL;
+            }
+            $subject=  decode_html(getMergedDescription($subject, $entityId,'Contacts'));
 			send_mail('Contacts', $entityData->get('email'), $HELPDESK_SUPPORT_NAME, $HELPDESK_SUPPORT_EMAIL_ID, $subject, $contents,'','','','','',true);
 		}
 	} else {

--- a/modules/Migration/models/Module.php
+++ b/modules/Migration/models/Module.php
@@ -33,7 +33,8 @@ class Migration_Module_Model extends Vtiger_Module_Model {
                        array('610' => '6.1.0'),
                        array('620' => '6.2.0'),
                        array('630' => '6.3.0'),
-                        array('640' => '6.4.0')
+                        array('640' => '6.4.0'),
+                        array('650' => '6.5.0')
 		);
 		return $versions;
 	}

--- a/modules/Migration/schema/640_to_650.php
+++ b/modules/Migration/schema/640_to_650.php
+<?php
+/*+********************************************************************************
+ * The contents of this file are subject to the vtiger CRM Public License Version 1.0
+ * ("License"); You may not use this file except in compliance with the License
+ * The Original Code is:  vtiger CRM Open Source
+ * The Initial Developer of the Original Code is vtiger.
+ * Portions created by vtiger are Copyright (C) vtiger.
+ * All Rights Reserved.
+ *********************************************************************************/
+
+if(defined('VTIGER_UPGRADE')) {
+
+//Start add new currency - 'CFP Franc or Pacific Franc' 
+global $db;
+
+//Updating existing users password to thier md5 hash
+
+$selectQuery = 'SELECT 1 FROM vtiger_portalinfo';
+$resultSet = $db->pquery($selectQuery, array());
+if ($db->num_rows($resultSet) > 0) {
+    $updateQuery = 'UPDATE vtiger_portalinfo SET user_password=MD5(user_password)';
+    $db->pquery($updateQuery, array());
+}
+}
\ No newline at end of file
--- a/soap/customerportal.php
+++ b/soap/customerportal.php
@@ -1065,7 +1065,7 @@ function change_password($input_array)
 		return array('MORE_THAN_ONE_USER');
 	}
 	$sql = "update vtiger_portalinfo set user_password=? where id=? and user_name=?";
-	$result = $adb->pquery($sql, array($password, $id, $username));
+	$result = $adb->pquery($sql, array(md5($password), $id, $username));

 	$log->debug("Exiting customer portal function change_password");
 	return $list;