Attachment #218211 for bug #245815




# $FreeBSD: head/net/phpldapadmin/Makefile 511040 2019-09-03 21:09:28Z tz $

PORTNAME=	phpldapadmin
PORTVERSION=	1.2.6.2
PORTREVISION=	11
PORTEPOCH=	1
CATEGORIES=	net www
MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}-php5/${PORTVERSION}
PKGNAMESUFFIX=	${PHP_PKGNAMESUFFIX}

MAINTAINER=	ports@bsdserwis.com


USES=		cpe php:web,flavors tar:tgz
USE_PHP=	gettext ldap openssl pcre session xml iconv hash
USE_GITHUB=	yes
GH_ACCOUNT=	leenooks
GH_PROJECT=	phpLDAPadmin

NO_ARCH=	yes
NO_BUILD=	yes
CPE_VENDOR=	deon_george

OPTIONS_DEFINE=	MCRYPT

MCRYPT_DESC=	Use pecl-mcrypt for password hashing

.include <bsd.port.options.mk>

GROUPS?=	${WWWGRP}
CFGDIR=		config
CFGFILE=	config.php

SUB_LIST+=	PKGNAME=${PKGNAME}
SUB_FILES+=	pkg-message

.if !defined(WITHOUT_PHP_DEPENDS)

.for opt in ${OPTIONS_DEFINE}
.	if ${PORT_OPTIONS:M${opt}}
USE_PHP+=	${opt:tl}
.	endif
.endfor

.if (${PHP_VER} == 73)
EXTRA_PATCHES+=	${FILESDIR}/extra-patch-lib__PageRender.php
.endif

.SILENT:

.include <bsd.port.pre.mk>

post-patch:
	cd ${WRKSRC} ;							    \

Lines 1-2 Link Here

(-)net/phpldapadmin.new/distinfo (-2 / +2 lines)
1	SHA256 (phpldapadmin-1.2.3.tgz) = aecaf8c3ce77ba3899dd31ee5ee183555b2f9349eb8e196dcd33d8a3c485ed58	1	SHA256 (leenooks-phpLDAPadmin-1.2.6.2_GH0.tar.gz) = 49b14019bf611267720b4e9de33f2502b44c526809f17225a4a76ee8296b8d64
2	SIZE (phpldapadmin-1.2.3.tgz) = 1115707	2	SIZE (leenooks-phpLDAPadmin-1.2.6.2_GH0.tar.gz) = 1128212




--- lib/QueryRender.php.orig	2019-08-07 01:14:46.000000000 +0200
+++ lib/QueryRender.php	2019-09-02 10:45:44.632080000 +0200
@@ -284,10 +284,10 @@ class QueryRender extends PageRender {
 
 							# Ignore DN, we've already displayed it.
 							if ($attr == 'dn')
-								continue;
+								continue 2;
 
 							if (! isset($dndetails[$attr]))
-								continue;
+								continue 2;
 
 							# Set our object with our values
 							$afattrs[$attr]->clearValue();
@@ -321,7 +321,7 @@ class QueryRender extends PageRender {
 					if (! $results) {
 						echo _('Search returned no results');
 
-						continue;
+						continue 2;
 					}
 
 					printf('<form action="cmd.php" method="post" id="massform_%s">',$counter);
@@ -374,7 +374,7 @@ class QueryRender extends PageRender {
 							# If the entry is blank, we'll draw an empty box and continue.
 							if (! isset($dndetails[$attr])) {
 								echo '<td>&nbsp;</td>';
-								continue;
+								continue 2;
 							}
 
 							# Special case for DNs
@@ -384,7 +384,7 @@ class QueryRender extends PageRender {
 									: htmlspecialchars($dndetails['dn']);
 
 								printf('<td><a href="cmd.php?%s">%s</a></td>',htmlspecialchars($href),$dn_display);
-								continue;
+								continue 2;
 							}
 
 							# Set our object with our values




--- config/config.php.example.orig	2012-10-01 06:54:14 UTC
+++ config/config.php.example
@@ -379,7 +379,7 @@ $servers->setValue('server','name','My L
 
 /* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
    blowfish, crypt or leave blank for now default algorithm. */
-// $servers->setValue('appearance','password_hash','md5');
+// $servers->setValue('appearance','password_hash_custom','md5');
 
 /* If you specified 'cookie' or 'session' as the auth_type above, you can
    optionally specify here an attribute to use when logging in. If you enter
@@ -546,7 +546,7 @@ $servers->setValue('sasl','authz_id_rege
 $servers->setValue('sasl','authz_id_replacement','$1');
 $servers->setValue('sasl','props',null);
 
-$servers->setValue('appearance','password_hash','md5');
+$servers->setValue('appearance','password_hash_custom','md5');
 $servers->setValue('login','attr','dn');
 $servers->setValue('login','fallback_dn',false);
 $servers->setValue('login','class',null);




--- lib/PageRender.php.orig	2012-10-01 06:54:14 UTC
+++ lib/PageRender.php
@@ -287,7 +287,7 @@ class PageRender extends Visitor {
 						break;
 
 					default:
-						$vals[$i] = password_hash($passwordvalue,$enc);
+						$vals[$i] = password_hash_custom($passwordvalue,$enc);
 				}
 
 				$vals = array_unique($vals);
@@ -957,7 +957,7 @@ class PageRender extends Visitor {
 		if (trim($val))
 			$enc_type = get_enc_type($val);
 		else
-			$enc_type = $server->getValue('appearance','password_hash');
+			$enc_type = $server->getValue('appearance','password_hash_custom');
 
 		$obfuscate_password = obfuscate_password_display($enc_type);
 
@@ -982,7 +982,7 @@ class PageRender extends Visitor {
 		if (trim($val))
 			$enc_type = get_enc_type($val);
 		else
-			$enc_type = $server->getValue('appearance','password_hash');
+			$enc_type = $server->getValue('appearance','password_hash_custom');
 
 		echo '<table cellspacing="0" cellpadding="0"><tr><td valign="top">';
 

Lines 1-11 Link Here

(-)net/phpldapadmin.new/files/patch-lib__TemplateRender.php (-11 lines)
1	--- lib/TemplateRender.php.orig 2012-10-01 06:54:14 UTC
2	+++ lib/TemplateRender.php
3	@@ -2466,7 +2466,7 @@ function deleteAttribute(attrName,friend
4	if ($val = $attribute->getValue($i))
5	$default = get_enc_type($val);
6	else
7	- $default = $this->getServer()->getValue('appearance','password_hash');
8	+ $default = $this->getServer()->getValue('appearance','password_hash_custom');
9
10	if (! $attribute->getPostValue())
11	printf('<input type="hidden" name="post_value[%s][]" value="%s" />',$attribute->getName(),$i);

Lines 1-30 Link Here

(-)net/phpldapadmin.new/files/patch-lib__ds_ldap.php (-30 lines)
1	--- lib/ds_ldap.php.orig 2012-10-01 06:54:14 UTC
2	+++ lib/ds_ldap.php
3	@@ -1116,13 +1116,24 @@ class ldap extends DS {
4
5	if (is_array($dn)) {
6	$a = array();
7	- foreach ($dn as $key => $rdn)
8	- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
9	+ foreach ($dn as $key => $rdn) {
10	+ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
11	+ function ($m) {
12	+ return ''.chr(hexdec('\\1')).'';
13	+ },
14	+ $rdn
15	+ );
16	+ }
17
18	return $a;
19
20	} else
21	- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
22	+ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
23	+ function ($m) {
24	+ return ''.chr(hexdec('\\1')).'';
25	+ },
26	+ $dn
27	+ );
28	}
29
30	public function getRootDSE($method=null) {

Lines 1-11 Link Here

(-)net/phpldapadmin.new/files/patch-lib__ds_ldap_pla.php (-11 lines)
1	--- lib/ds_ldap_pla.php.orig 2012-10-01 06:54:14 UTC
2	+++ lib/ds_ldap_pla.php
3	@@ -16,7 +16,7 @@ class ldap_pla extends ldap {
4	function __construct($index) {
5	parent::__construct($index);
6
7	- $this->default->appearance['password_hash'] = array(
8	+ $this->default->appearance['password_hash_custom'] = array(
9	'desc'=>'Default HASH to use for passwords',
10	'default'=>'md5');
11




--- lib/functions.php.orig	2012-10-01 06:54:14 UTC
+++ lib/functions.php
@@ -51,7 +51,7 @@ if (file_exists(LIBDIR.'functions.custom
 /**
  * Loads class definition
  */
-function __autoload($className) {
+function pla_autoloader($className) {
 	if (file_exists(HOOKSDIR."classes/$className.php"))
 		require_once(HOOKSDIR."classes/$className.php");
 	elseif (file_exists(LIBDIR."$className.php"))
@@ -65,6 +65,7 @@ function __autoload($className) {
 				__METHOD__,_('Called to load a class that cant be found'),$className),
 			'type'=>'error'));
 }
+spl_autoload_register('pla_autoloader');
 
 /**
  * Strips all slashes from the specified array in place (pass by ref).
@@ -745,6 +746,7 @@ function blowfish_encrypt($data,$secret=
 	if (! trim($secret))
 		return $data;
 
+/*
 	if (function_exists('mcrypt_module_open') && ! empty($data)) {
 		$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
 		$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
@@ -754,6 +756,7 @@ function blowfish_encrypt($data,$secret=
 
 		return $encrypted_data;
 	}
+*/
 
 	if (file_exists(LIBDIR.'blowfish.php'))
 		require_once LIBDIR.'blowfish.php';
@@ -801,6 +804,7 @@ function blowfish_decrypt($encdata,$secr
 	if (! trim($secret))
 		return $encdata;
 
+/*
 	if (function_exists('mcrypt_module_open') && ! empty($encdata)) {
 		$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
 		$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
@@ -810,6 +814,7 @@ function blowfish_decrypt($encdata,$secr
 
 		return $decrypted_data;
 	}
+*/
 
 	if (file_exists(LIBDIR.'blowfish.php'))
 		require_once LIBDIR.'blowfish.php';
@@ -1080,7 +1085,7 @@ function masort(&$data,$sortby,$rev=0) {
 
 		$code .= 'return $c;';
 
-		$CACHE[$sortby] = create_function('$a, $b',$code);
+		$CACHE[$sortby] = function($a, $b) { global $code; return $code; };
 	}
 
 	uasort($data,$CACHE[$sortby]);
@@ -2127,7 +2132,7 @@ function password_types() {
  *        crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
  * @return string The hashed password.
  */
-function password_hash($password_clear,$enc_type) {
+function password_hash_custom($password_clear,$enc_type) {
 	if (DEBUG_ENABLED && (($fargs=func_get_args())||$fargs='NOARGS'))
 		debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
 
@@ -2318,7 +2323,7 @@ function password_check($cryptedpassword
 
 		# SHA crypted passwords
 		case 'sha':
-			if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
+			if (strcasecmp(password_hash_custom($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
 				return true;
 			else
 				return false;
@@ -2327,7 +2332,7 @@ function password_check($cryptedpassword
 
 		# MD5 crypted passwords
 		case 'md5':
-			if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
+			if( strcasecmp(password_hash_custom($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
 				return true;
 			else
 				return false;
@@ -2392,7 +2397,7 @@ function password_check($cryptedpassword
 
 		# SHA512 crypted passwords
 		case 'sha512':
-			if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
+			if (strcasecmp(password_hash_custom($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
 				return true;
 			else
 				return false;
@@ -2564,13 +2569,24 @@ function dn_unescape($dn) {
 	if (is_array($dn)) {
 		$a = array();
 
-		foreach ($dn as $key => $rdn)
-			$a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
+		foreach ($dn as $key => $rdn) {
+			$a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
+				function ($m) {
+					return ''.chr(hexdec('\\1')).'';
+				},
+				$rdn
+			);
+		}
 
 		return $a;
 
 	} else {
-		return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
+		 return  preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
+			 function ($m) {
+				return ''.chr(hexdec('\\1')).'';
+			},
+			$dn
+		);
 	}
 }
 

Return to bug 245815

Lines 2-12 Link Here

(-)net/phpldapadmin.new/Makefile (-8 / +20 lines)
2	# $FreeBSD: head/net/phpldapadmin/Makefile 511040 2019-09-03 21:09:28Z tz $	2	# $FreeBSD: head/net/phpldapadmin/Makefile 511040 2019-09-03 21:09:28Z tz $
3		3
4	PORTNAME= phpldapadmin	4	PORTNAME= phpldapadmin
5	PORTVERSION= 1.2.3	5	PORTVERSION= 1.2.6.2
6	PORTREVISION= 11
7	PORTEPOCH= 1
8	CATEGORIES= net www	6	CATEGORIES= net www
9	MASTER_SITES= SF/${PORTNAME}/${PORTNAME}-php5/${PORTVERSION}
10	PKGNAMESUFFIX= ${PHP_PKGNAMESUFFIX}	7	PKGNAMESUFFIX= ${PHP_PKGNAMESUFFIX}
11		8
12	MAINTAINER= ports@bsdserwis.com	9	MAINTAINER= ports@bsdserwis.com
Lines 17-27 Link Here
17		14
18	USES= cpe php:web,flavors tar:tgz	15	USES= cpe php:web,flavors tar:tgz
19	USE_PHP= gettext ldap openssl pcre session xml iconv hash	16	USE_PHP= gettext ldap openssl pcre session xml iconv hash
		17	USE_GITHUB= yes
		18	GH_ACCOUNT= leenooks
		19	GH_PROJECT= phpLDAPadmin
20		20
21	NO_ARCH= yes	21	NO_ARCH= yes
22	NO_BUILD= yes	22	NO_BUILD= yes
23	CPE_VENDOR= deon_george	23	CPE_VENDOR= deon_george
24		24
		25	OPTIONS_DEFINE= MCRYPT
		26
		27	MCRYPT_DESC= Use pecl-mcrypt for password hashing
		28
		29	.include <bsd.port.options.mk>
		30
25	GROUPS?= ${WWWGRP}	31	GROUPS?= ${WWWGRP}
26	CFGDIR= config	32	CFGDIR= config
27	CFGFILE= config.php	33	CFGFILE= config.php
Lines 32-44 Link Here
32	SUB_LIST+= PKGNAME=${PKGNAME}	38	SUB_LIST+= PKGNAME=${PKGNAME}
33	SUB_FILES+= pkg-message	39	SUB_FILES+= pkg-message
34		40
35	.SILENT:	41	.if !defined(WITHOUT_PHP_DEPENDS)
36		42
37	.include <bsd.port.pre.mk>	43	.for opt in ${OPTIONS_DEFINE}
		44	. if ${PORT_OPTIONS:M${opt}}
		45	USE_PHP+= ${opt:tl}
		46	. endif
		47	.endfor
38		48
39	.if (${PHP_VER} == 73)
40	EXTRA_PATCHES+= ${FILESDIR}/extra-patch-lib__PageRender.php
41	.endif	49	.endif
		50
		51	.SILENT:
		52
		53	.include <bsd.port.pre.mk>
42		54
43	post-patch:	55	post-patch:
44	cd ${WRKSRC} ; \	56	cd ${WRKSRC} ; \

Lines 1-42 Link Here

(-)net/phpldapadmin.new/files/extra-patch-lib__PageRender.php (-42 lines)
1	--- lib/QueryRender.php.orig 2019-08-07 01:14:46.000000000 +0200
2	+++ lib/QueryRender.php 2019-09-02 10:45:44.632080000 +0200
3	@@ -284,10 +284,10 @@ class QueryRender extends PageRender {
4
5	# Ignore DN, we've already displayed it.
6	if ($attr == 'dn')
7	- continue;
8	+ continue 2;
9
10	if (! isset($dndetails[$attr]))
11	- continue;
12	+ continue 2;
13
14	# Set our object with our values
15	$afattrs[$attr]->clearValue();
16	@@ -321,7 +321,7 @@ class QueryRender extends PageRender {
17	if (! $results) {
18	echo _('Search returned no results');
19
20	- continue;
21	+ continue 2;
22	}
23
24	printf('<form action="cmd.php" method="post" id="massform_%s">',$counter);
25	@@ -374,7 +374,7 @@ class QueryRender extends PageRender {
26	# If the entry is blank, we'll draw an empty box and continue.
27	if (! isset($dndetails[$attr])) {
28	echo '<td> </td>';
29	- continue;
30	+ continue 2;
31	}
32
33	# Special case for DNs
34	@@ -384,7 +384,7 @@ class QueryRender extends PageRender {
35	: htmlspecialchars($dndetails['dn']);
36
37	printf('<td><a href="cmd.php?%s">%s</a></td>',htmlspecialchars($href),$dn_display);
38	- continue;
39	+ continue 2;
40	}
41
42	# Set our object with our values

Lines 1-20 Link Here

(-)net/phpldapadmin.new/files/patch-config__config.php.example (-20 lines)
1	--- config/config.php.example.orig 2012-10-01 06:54:14 UTC
2	+++ config/config.php.example
3	@@ -379,7 +379,7 @@ $servers->setValue('server','name','My L
4
5	/* Default password hashing algorithm. One of md5, ssha, sha, md5crpyt, smd5,
6	blowfish, crypt or leave blank for now default algorithm. */
7	-// $servers->setValue('appearance','password_hash','md5');
8	+// $servers->setValue('appearance','password_hash_custom','md5');
9
10	/* If you specified 'cookie' or 'session' as the auth_type above, you can
11	optionally specify here an attribute to use when logging in. If you enter
12	@@ -546,7 +546,7 @@ $servers->setValue('sasl','authz_id_rege
13	$servers->setValue('sasl','authz_id_replacement','$1');
14	$servers->setValue('sasl','props',null);
15
16	-$servers->setValue('appearance','password_hash','md5');
17	+$servers->setValue('appearance','password_hash_custom','md5');
18	$servers->setValue('login','attr','dn');
19	$servers->setValue('login','fallback_dn',false);
20	$servers->setValue('login','class',null);

Lines 1-29 Link Here

(-)net/phpldapadmin.new/files/patch-lib__PageRender.php (-29 lines)
1	--- lib/PageRender.php.orig 2012-10-01 06:54:14 UTC
2	+++ lib/PageRender.php
3	@@ -287,7 +287,7 @@ class PageRender extends Visitor {
4	break;
5
6	default:
7	- $vals[$i] = password_hash($passwordvalue,$enc);
8	+ $vals[$i] = password_hash_custom($passwordvalue,$enc);
9	}
10
11	$vals = array_unique($vals);
12	@@ -957,7 +957,7 @@ class PageRender extends Visitor {
13	if (trim($val))
14	$enc_type = get_enc_type($val);
15	else
16	- $enc_type = $server->getValue('appearance','password_hash');
17	+ $enc_type = $server->getValue('appearance','password_hash_custom');
18
19	$obfuscate_password = obfuscate_password_display($enc_type);
20
21	@@ -982,7 +982,7 @@ class PageRender extends Visitor {
22	if (trim($val))
23	$enc_type = get_enc_type($val);
24	else
25	- $enc_type = $server->getValue('appearance','password_hash');
26	+ $enc_type = $server->getValue('appearance','password_hash_custom');
27
28	echo '<table cellspacing="0" cellpadding="0"><tr><td valign="top">';
29

Lines 1-124 Link Here

(-)net/phpldapadmin.new/files/patch-lib__functions.php (-124 lines)
1	--- lib/functions.php.orig 2012-10-01 06:54:14 UTC
2	+++ lib/functions.php
3	@@ -51,7 +51,7 @@ if (file_exists(LIBDIR.'functions.custom
4	/**
5	* Loads class definition
6	*/
7	-function __autoload($className) {
8	+function pla_autoloader($className) {
9	if (file_exists(HOOKSDIR."classes/$className.php"))
10	require_once(HOOKSDIR."classes/$className.php");
11	elseif (file_exists(LIBDIR."$className.php"))
12	@@ -65,6 +65,7 @@ function __autoload($className) {
13	__METHOD__,_('Called to load a class that cant be found'),$className),
14	'type'=>'error'));
15	}
16	+spl_autoload_register('pla_autoloader');
17
18	/**
19	* Strips all slashes from the specified array in place (pass by ref).
20	@@ -745,6 +746,7 @@ function blowfish_encrypt($data,$secret=
21	if (! trim($secret))
22	return $data;
23
24	+/*
25	if (function_exists('mcrypt_module_open') && ! empty($data)) {
26	$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
27	$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
28	@@ -754,6 +756,7 @@ function blowfish_encrypt($data,$secret=
29
30	return $encrypted_data;
31	}
32	+*/
33
34	if (file_exists(LIBDIR.'blowfish.php'))
35	require_once LIBDIR.'blowfish.php';
36	@@ -801,6 +804,7 @@ function blowfish_decrypt($encdata,$secr
37	if (! trim($secret))
38	return $encdata;
39
40	+/*
41	if (function_exists('mcrypt_module_open') && ! empty($encdata)) {
42	$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
43	$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
44	@@ -810,6 +814,7 @@ function blowfish_decrypt($encdata,$secr
45
46	return $decrypted_data;
47	}
48	+*/
49
50	if (file_exists(LIBDIR.'blowfish.php'))
51	require_once LIBDIR.'blowfish.php';
52	@@ -1080,7 +1085,7 @@ function masort(&$data,$sortby,$rev=0) {
53
54	$code .= 'return $c;';
55
56	- $CACHE[$sortby] = create_function('$a, $b',$code);
57	+ $CACHE[$sortby] = function($a, $b) { global $code; return $code; };
58	}
59
60	uasort($data,$CACHE[$sortby]);
61	@@ -2127,7 +2132,7 @@ function password_types() {
62	* crypt, ext_des, md5crypt, blowfish, md5, sha, smd5, ssha, sha512, or clear.
63	* @return string The hashed password.
64	*/
65	-function password_hash($password_clear,$enc_type) {
66	+function password_hash_custom($password_clear,$enc_type) {
67	if (DEBUG_ENABLED && (($fargs=func_get_args())\|\|$fargs='NOARGS'))
68	debug_log('Entered (%%)',1,0,__FILE__,__LINE__,__METHOD__,$fargs);
69
70	@@ -2318,7 +2323,7 @@ function password_check($cryptedpassword
71
72	# SHA crypted passwords
73	case 'sha':
74	- if (strcasecmp(password_hash($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
75	+ if (strcasecmp(password_hash_custom($plainpassword,'sha'),'{SHA}'.$cryptedpassword) == 0)
76	return true;
77	else
78	return false;
79	@@ -2327,7 +2332,7 @@ function password_check($cryptedpassword
80
81	# MD5 crypted passwords
82	case 'md5':
83	- if( strcasecmp(password_hash($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
84	+ if( strcasecmp(password_hash_custom($plainpassword,'md5'),'{MD5}'.$cryptedpassword) == 0)
85	return true;
86	else
87	return false;
88	@@ -2392,7 +2397,7 @@ function password_check($cryptedpassword
89
90	# SHA512 crypted passwords
91	case 'sha512':
92	- if (strcasecmp(password_hash($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
93	+ if (strcasecmp(password_hash_custom($plainpassword,'sha512'),'{SHA512}'.$cryptedpassword) == 0)
94	return true;
95	else
96	return false;
97	@@ -2564,13 +2569,24 @@ function dn_unescape($dn) {
98	if (is_array($dn)) {
99	$a = array();
100
101	- foreach ($dn as $key => $rdn)
102	- $a[$key] = preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$rdn);
103	+ foreach ($dn as $key => $rdn) {
104	+ $a[$key] = preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
105	+ function ($m) {
106	+ return ''.chr(hexdec('\\1')).'';
107	+ },
108	+ $rdn
109	+ );
110	+ }
111
112	return $a;
113
114	} else {
115	- return preg_replace('/\\\([0-9A-Fa-f]{2})/e',"''.chr(hexdec('\\1')).''",$dn);
116	+ return preg_replace_callback('/\\\([0-9A-Fa-f]{2})/',
117	+ function ($m) {
118	+ return ''.chr(hexdec('\\1')).'';
119	+ },
120	+ $dn
121	+ );
122	}
123	}
124