How you do anything is how you do everything

Popular Tags

FusionPBX FreeSWITCH Security Clustering VoIP Linux MariaDB SEO Personal Load Balancing PHP High Availability Joomla Darktable Fail2Ban Nagios Mageia RPM DNS PowerDNS

Looking for RPMs? Set up our RHEL repo.

rpm

Works on CentOS6/7/8 & Alma/Rocky 8/9
Sponsored by OKay Inc

Changing Joomla Authentication Schema to Clear

Details
Category: Technology

Unfortunately, Joomla from version 1.5 (which I've noticed, and probably 1.0 as well) does not save your encrypted passwords hop classic format: encrypted, but does the opposite. This complicates the interaction with other programs wishing to use the access database to authenticate. Fortunately, there is a way to do it, with the risk involved that the password must be kept clear.

Changing to a clear scheme is not advisable, but you may need it under special circumstances.

Configuration

To do this, you must perform the following steps:

  1. edit the file libraries / joomla / user / helper.php file and change
    public static function getCryptedPassword ($ plaintext, $ salt ='', $ encryption = 'md5-hex', $ show_encrypt = false)
    by
    public static function getCryptedPassword ($ plaintext, $ salt ='', $ encryption = 'plain', $ show_encrypt = false)
  2. edit the file libraries / joomla file / user / user.php and change all occurrences of
    $Array ['password'] = $ crypt. ':'. $ Salt;
    by
    $Array ['password'] = $ crypt; / /. ':'. $ Salt;

Tested on Joomla 1.5 and 3.1.4

Joomla 3.2 is a little different:

  1. edit the file libraries / phpass / PasswordHash.php and change
    $Match = JCrypt::timingSafeCompare ($hash, $testcrypt);
    by
    $Match = JCrypt::timingSafeCompare($hash, $testcrypt) || JCrypt::timingSafeCompare ($hash, $ assword);
  2. edit the file libraries / joomla / user / user.php file, find the routine function HashPassword ($ password)and add
    return $password;
    at the beginning of the routine

Tested on Joomla 3.2.2

Joomla 3.3.0 is almost the same.

  1. edit the file libraries / joomla / user / helper file and change
    $Match = JCrypt::timingSafeCompare($hash, $testcrypt);
    by
    $Match = JCrypt::timingSafeCompare($hash, $testcrypt) || JCrypt::timingSafeCompare ($hash, $password);
  2. in the same file, find the routine function HashPassword ($ password)and add
    return $ password;
    at the beginning of the routine
  3. in the same file, change
    public static function getCryptedPassword($plaintext, $salt ='', $encryption = 'md5-hex', $show_encrypt = false)
    by
    public static function getCryptedPassword($plaintext, $salt ='', $encryption = 'plain', $show_encrypt = false)

Tested on Joomla 3.3.0 and 3.4.x

Enjoy!

Related Articles

Latest Articles

Do you need some FusionPBX free support? Join this FusionPBX/FreeSWITCH Support Channel.

telegram logo

To know the rules, read the pinned post

";