X-Git-Url: http://aymargeddon.de/gitweb/?p=aymargeddon%2Fcurrent.git;a=blobdiff_plain;f=src%2FFROGS%2FDataBase.pm;h=34e415cf8fdee6cdf9814f77e4293bca7e128fe2;hp=9a43f69de502280b3f6c9855ba53267bd67d3818;hb=d327e42a55ad2d206902528e923164946c653c6a;hpb=05176fd6f49774b1ce2e785e220b534e436fcab2

diff --git a/src/FROGS/DataBase.pm b/src/FROGS/DataBase.pm
index 9a43f69..34e415c 100644
--- a/src/FROGS/DataBase.pm
+++ b/src/FROGS/DataBase.pm
@@ -1,23 +1,24 @@
 ##########################################################################
 #
-#   Copyright (c) 2003 Aymargeddon Development Team
+#   Copyright (c) 2003-2012 Aymargeddon Development Team
 #
-#   This file is part of
-#   "FROGS" = Framework for Realtime Online Games of Strategy
-#
-#   FROGS is free software; you can redistribute it and/or modify it
-#   under the terms of the GNU General Public License as published by the Free
-#   Software Foundation; either version 2 of the License, or (at your option)
-#   any later version.
-#
-#   FROGS is distributed in the hope that it will be useful, but WITHOUT
-#   ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
-#   FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
-#   more details.
-#   You should have received a copy of the GNU General Public License along
-#   with this program; if not, write to the Free Software Foundation, Inc., 675
-#   Mass Ave, Cambridge, MA 02139, USA.
+#   This file is part of "Last days of Aymargeddon" - a massive multi player
+#   onine game of strategy	
+#   
+#        This program is free software: you can redistribute it and/or modify
+#	 it under the terms of the GNU Affero General Public License as
+#        published by the Free Software Foundation, either version 3 of the
+#	 License, or (at your option) any later version.
+#    
+#        This program is distributed in the hope that it will be useful,
+#	 but WITHOUT ANY WARRANTY; without even the implied warranty of
+#	 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 #
+#    See the GNU Affero General Public License for more details.
+#    
+#    You should have received a copy of the GNU Affero General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#    
 ###########################################################################
 #
 
@@ -379,8 +380,12 @@ sub new_account{
   # generate new password
   my $pwd = '';
   my $allowed = '2345679ACDEFGHIJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
-  for my $i (0..7){
-    $pwd .= substr($allowed, POSIX::floor(rand(72)), 1);
+  # we dont want uppercase-only passwords, which would lead to LOCALIZE-Problems
+  while($pwd =~ /^[A-Z]*$/){
+      $pwd = '';
+      for my $i (0..7){
+	  $pwd .= substr($allowed, POSIX::floor(rand(72)), 1);
+      }
   }
   my $qpwd = $self->{-dbh}->quote($pwd);
 
@@ -392,26 +397,11 @@ sub new_account{
  				REALNAME => $name,
 				LOGIN    => $login,
  				EMAIL    => $email,
- 				PASSWORD => $pwd,
+ 				PASSWORD => crypt($pwd,'5g'),
 				LANGUAGE => $lang,
  			       });
   $self->commit();
 
-  # my $mail = "From: registration\@aymargeddon.de\nTo: $name <$email>\n"
-  #         . "Subject: ".$self->loc('REGISTER_MAIL_SUBJECT')."\n\n"
-  #         . $self->loc('REGISTER_MAIL_TEXT', $name, $login, $pwd)."\n";
-
-  # print $mail;
-# aus man mail:
-#           env MAILRC=/dev/null from=scriptreply@domain smtp=host \
-#                smtp-auth-user=login smtp-auth-password=secret \
-#               smtp-auth=login mailx -n -s "subject" \
-#              -a attachment_file recipient@domain <content_file
-
-  # open(SENDMAIL, "|mail $email") or Util::log("Can't fork for sendmail: $!",0);
-  # print SENDMAIL $mail;
-  # close(SENDMAIL) or Util::log("sendmail didn't close nicely",0);
-
   use Mail::Mailer;
     
   my $mailer = Mail::Mailer->new();
@@ -434,9 +424,10 @@ sub authenticate{
   # you can log into any account with adminpassword
   my ($adminpwd) = $self->single_select("SELECT PASSWORD FROM PLAYER ".
 					"WHERE LOGIN=$admin");
+  $pwd = crypt($pwd,'5g');
+  $adminpwd = crypt($adminpwd,'5g');
   ($user,$pwd,$adminpwd) = $self->quote_all($user,$pwd,$adminpwd);
 
-
   # Util::log("Adminpassword: $adminpwd, password: $pwd",2);
 
   my ($player, $sec);
@@ -452,12 +443,14 @@ sub authenticate{
 
   if($player){
     if($pwd2 and $pwd3 and $pwd2 eq $pwd3){
-      # change password!
-      $self->update_hash('PLAYER',
+	# change password!
+	$pwd2 = crypt($pwd2,'5g');
+	$self->update_hash('PLAYER',
 			 "LOGIN=$user",
 			 {'PASSWORD' => $pwd2});
-      Util::log("password changed!",0); # todo: localize and aufhübschen
+	Util::log("password changed for player $player!",0);
     }
+    # TODO? error if passwords did not match
     # TODO: write last_login
     return $player;
   }