[dev] Re: [cvs] commit: imp/lib api.php
Jan Schneider
jan at horde.org
Mon Feb 14 14:34:27 PST 2005
Zitat von Chuck Hagenbuch <chuck at horde.org>:
> Quoting Jan Schneider <jan at horde.org>:
>
>>> Log:
>>> decode password
>>>
>>> Submitted by: Jakob Schroeter <js at camaya.net>
>>>
>>> Revision Changes Path
>>> 1.99 +2 -2 imp/lib/api.php
>>
>> I actually applied the reverse patch not long ago, because the password
>> was already decoded. Where is it *not* decoded?
>
> I'm not sure - the patch was forwarded to the dev list, and looking at
> it, it made that function consistent with the 2 others like it.
>
> Maybe somewhere in:
>
> $params = $_SESSION['imp']['admin']['params'];
> $params['admin_user'] = $params['login'];
> $params['admin_password'] = Secret::read(Secret::getKey('imp'),
> $params['password']);
>
>
> something's being set by reference, so we're decoding the password and
> saving the decoded version?
No idea, I didn't trace the code. All I know is that the password
already is decoded when we call the api method from horde's user
management.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
More information about the dev
mailing list