AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-01 03:14:52 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add per-user password encryption using master key

Browse Source
This commit is contained in:
Marcus Hill
2022-01-10 22:07:26 +00:00
parent a56d701a8a
commit 49d895040a
3 changed files with 134 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
client_logins.php
View File

@@ -41,7 +41,7 @@ if(isset($_GET['o'])){
//Rebuild URL
$url_query_strings_sb = http_build_query(array_merge($_GET,array('sb' => $sb, 'o' => $o)));
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS *, AES_DECRYPT(login_password, '$config_aes_key') AS login_password FROM logins
$sql = mysqli_query($mysqli,"SELECT SQL_CALC_FOUND_ROWS * FROM logins
WHERE login_client_id = $client_id
AND (login_name LIKE '%$q%' OR login_username LIKE '%$q%' OR login_uri LIKE '%$q%')
ORDER BY $sb $o LIMIT $record_from, $record_to");
@@ -112,7 +112,7 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
}else{
$login_username_display = "$login_username<button class='btn btn-sm' data-clipboard-text='$login_username'><i class='far fa-copy text-secondary'></i></button>";
}
$login_password = htmlentities($row['login_password']);
$login_password = htmlentities(decryptLoginEntry($row['login_password']));
$login_otp_secret = $row['login_otp_secret'];
if(empty($login_otp_secret)){
$otp_display = "-";