
User injection corrupt password

Open achillebnt opened this issue 1 year ago • 6 comments

I created a simple model to import/update users, using username and phone as fields associated respectively with login and phone, but when I do the import, for some reason the password is changed to a sha1 hash.

Doing a little debugging I found this: if I write a text password into the database field glpi_users.password, for example pippo, then when I do the import that word is converted to a sha1 hash: d012f68144ed0f121d3cc330a17eec528c2e7d59

In debug mode there is a trace of the SQL query.

glpi_2024-07-09_16-42

achillebnt avatar Jul 09 '24 14:07 achillebnt

Hi @achillebnt

This is the desired and functional behaviour

GLPI is compatible with passwords in sha1 format

As soon as the user updates his password (which is recommended), GLPI will encrypt it with sodium.

Best regards

stonebuzz avatar Jul 10 '24 06:07 stonebuzz

It's not a desired and functional behaviour... Initially I did it only to update the phone numbers of users, and afterwards I had to restore the database because no one could access the portal.

achillebnt avatar Jul 10 '24 15:07 achillebnt

OK, I had misunderstood the context of the injection.

Can you paste your mapping here?

stonebuzz avatar Jul 11 '24 09:07 stonebuzz

Here is the mapping:

image

I did my test and I think the function processAfterInsertOrUpdate in inc/userinjection.class.php has to be reviewed, because every time you save, this part of the code takes the value in the database and rehashes it.

I commented out that query commit and my problem was gone.

achillebnt avatar Jul 11 '24 10:07 achillebnt

Can you apply this patch, enable GLPI debug mode and redo a CSV import?

diff --git a/inc/userinjection.class.php b/inc/userinjection.class.php
index 9447426..af2bd72 100644
--- a/inc/userinjection.class.php
+++ b/inc/userinjection.class.php
@@ -174,6 +174,7 @@ class PluginDatainjectionUserInjection extends User implements PluginDatainjecti
             }
         }
 
+        toolbox::logDebug($values['User']);
         if (isset($values['User']['password']) && ($values['User']['password'] != '')) {
            //We use an SQL request because updating the password is unesasy
            //(self reset password process in $user->prepareInputForUpdate())
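
Review bot: the added `toolbox::logDebug($values['User']);` writes the whole user array to the debug log, and the condition on the very next line shows that this array can carry a `password` entry, so password material ends up in php-errors.log. Log only the keys under investigation, or log a copy of the array with `password` unset, and remove the call again once the import has been traced.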

Then check the php-errors.log file (/glpi/files/_log/php-errors.log).

You should see what this call gets.

stonebuzz avatar Jul 11 '24 11:07 stonebuzz

Here is the returned log:

~~~
[2024-07-11 13:33:00] glpiphplog.DEBUG: PluginDatainjectionUserInjection::processAfterInsertOrUpdate() in /var/www/html/glpi-test/marketplace/datainjection/inc/userinjection.class.php line 177
Array
  (
      [name] => user.test
      [mobile] => 12345678
      [entities_id] => 0
      [id] => 10
      [password] => 6f851c48ba4b5592aa5340aaea956e3d102eb7b4
      [password_last_update] => NULL
      [phone] => NULL
      [phone2] => NULL
      [realname] => NULL
      [firstname] => NULL
      [locations_id] => 0
      [language] => NULL
      [use_mode] => 0
      [list_limit] => NULL
      [is_active] => 1
      [comment] => NULL
      [auths_id] => 0
      [authtype] => 1
      [last_login] => NULL
      [date_mod] => 2024-07-11 11:18:06
      [date_sync] => NULL
      [is_deleted] => 0
      [profiles_id] => 0
      [usertitles_id] => 0
      [usercategories_id] => 0
      [date_format] => NULL
      [number_format] => NULL
      [names_format] => NULL
      [csv_delimiter] => NULL
      [is_ids_visible] => NULL
      [use_flat_dropdowntree] => NULL
      [show_jobs_at_login] => NULL
      [priority_1] => NULL
      [priority_2] => NULL
      [priority_3] => NULL
      [priority_4] => NULL
      [priority_5] => NULL
      [priority_6] => NULL
      [followup_private] => NULL
      [task_private] => NULL
      [default_requesttypes_id] => NULL
      [password_forget_token] => NULL
      [password_forget_token_date] => NULL
      [user_dn] => NULL
      [user_dn_hash] => NULL
      [registration_number] => NULL
      [show_count_on_tabs] => NULL
      [refresh_views] => NULL
      [set_default_tech] => NULL
      [personal_token] => NULL
      [personal_token_date] => NULL
      [api_token] => NULL
      [api_token_date] => NULL
      [cookie_token] => NULL
      [cookie_token_date] => NULL
      [display_count_on_home] => NULL
      [notification_to_myself] => NULL
      [duedateok_color] => NULL
      [duedatewarning_color] => NULL
      [duedatecritical_color] => NULL
      [duedatewarning_less] => NULL
      [duedatecritical_less] => NULL
      [duedatewarning_unit] => NULL
      [duedatecritical_unit] => NULL
      [display_options] => NULL
      [is_deleted_ldap] => 0
      [pdffont] => NULL
      [picture] => NULL
      [begin_date] => NULL
      [end_date] => NULL
      [keep_devices_when_purging_item] => NULL
      [privatebookmarkorder] => NULL
      [backcreated] => NULL
      [task_state] => NULL
      [palette] => NULL
      [page_layout] => NULL
      [fold_menu] => NULL
      [fold_search] => NULL
      [savedsearches_pinned] => NULL
      [timeline_order] => NULL
      [itil_layout] => NULL
      [richtext_layout] => NULL
      [set_default_requester] => NULL
      [lock_autolock_mode] => NULL
      [lock_directunlock_notification] => NULL
      [date_creation] => 2024-07-11 11:17:41
      [highcontrast_css] => NULL
      [plannings] => NULL
      [sync_field] => NULL
      [groups_id] => 0
      [users_id_supervisor] => 0
      [timezone] => NULL
      [default_dashboard_central] => NULL
      [default_dashboard_assets] => NULL
      [default_dashboard_helpdesk] => NULL
      [default_dashboard_mini_ticket] => NULL
      [default_central_tab] => NULL
      [nickname] => NULL
      [timeline_action_btn_layout] => NULL
      [timeline_date_format] => NULL
      [use_flat_dropdowntree_on_search_result] => NULL
  )
~~~

achillebnt avatar Jul 11 '24 11:07 achillebnt
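
The behaviour reported in this thread, reduced to a stand-alone PHP sketch. This is an added example, not the datainjection plugin's code: the function names, the `$mapped` list and the sample row are hypothetical, it assumes the values array is the stored row merged with the CSV columns (as the log above suggests), and `password_hash()` stands in for the application's own hashing routine.

```php
<?php
// Added illustration; not the plugin's code. All names here are hypothetical.

/** "Before": hashes whatever sits in $values['password'], as reported above. */
function afterUpdateUnguarded(array $values, array &$row): void
{
    if (isset($values['password']) && $values['password'] !== '') {
        $row['password'] = sha1($values['password']);
    }
}

/** "After": touch the password only when the import mapping supplied one. */
function afterUpdateGuarded(array $values, array $mapped, array &$row): void
{
    if (!in_array('password', $mapped, true)) {
        return; // the value came from the stored row, not from the CSV
    }
    if (($values['password'] ?? '') === '') {
        return; // mapped but empty: keep the stored credential
    }
    // Stand-in for the application's own password hashing (assumption).
    $row['password'] = password_hash($values['password'], PASSWORD_DEFAULT);
}

// Constructed sample: a stored user and an import that maps only name and phone.
$secret = 'constructed-secret';
$stored = ['name' => 'user.test', 'phone' => null, 'password' => sha1($secret)];
$mapped = ['name', 'phone'];

// Assumption: the values array is the stored row overlaid with the CSV columns,
// so it carries the stored hash even though no password column was imported.
$values = array_merge($stored, ['phone' => '12345678']);

$unguarded = $stored;
afterUpdateUnguarded($values, $unguarded);

$guarded = $stored;
afterUpdateGuarded($values, $mapped, $guarded);

// Compare each resulting row against the credential the user actually knows.
foreach (['unguarded' => $unguarded, 'guarded' => $guarded] as $label => $row) {
    $changed = $row['password'] !== $stored['password'];
    $loginOk = hash_equals($row['password'], sha1($secret));
    printf("%-9s hash changed: %s, login still works: %s\n",
        $label, var_export($changed, true), var_export($loginOk, true));
}
```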

There has been no activity on this issue for some time and therefore it is considered stale and will be closed automatically in 10 days.

If this issue is related to a bug, please try to reproduce on latest release. If the problem persists, feel free to add a comment to revive this issue. If it is related to a new feature, please open a topic to discuss with community about this enhancement on suggestion website.

You may also consider taking a subscription to get professional support or contact GLPI editor team directly.

github-actions[bot] avatar May 21 '25 08:05 github-actions[bot]