diff --git a/sql/swad.sql b/sql/swad.sql index 707fa5c9..60338ab4 100644 --- a/sql/swad.sql +++ b/sql/swad.sql @@ -863,8 +863,8 @@ CREATE TABLE IF NOT EXISTS pending_passwd ( CREATE TABLE IF NOT EXISTS places ( PlcCod INT NOT NULL AUTO_INCREMENT, InsCod INT NOT NULL, - ShortName VARCHAR(32) NOT NULL, - FullName VARCHAR(127) NOT NULL, + ShortName VARCHAR(511) NOT NULL, + FullName VARCHAR(2047) NOT NULL, UNIQUE INDEX(PlcCod), INDEX(InsCod)); -- diff --git a/swad_account.c b/swad_account.c index 726c6164..b1fabd1c 100644 --- a/swad_account.c +++ b/swad_account.c @@ -552,7 +552,7 @@ bool Acc_CreateMyNewAccountAndLogIn (void) { char NewNicknameWithoutArroba[Nck_MAX_BYTES_NICKNAME_FROM_FORM + 1]; char NewEmail[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]; - char NewEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; if (Acc_GetParamsNewAccount (NewNicknameWithoutArroba,NewEmail,NewEncryptedPassword)) { @@ -562,7 +562,7 @@ bool Acc_CreateMyNewAccountAndLogIn (void) /***** Set password to the password typed by the user *****/ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); /***** User does not exist in the platform, so create him/her! *****/ Acc_CreateNewUsr (&Gbl.Usrs.Me.UsrDat, diff --git a/swad_changelog.h b/swad_changelog.h index 961605e4..0a29f147 100644 --- a/swad_changelog.h +++ b/swad_changelog.h @@ -207,13 +207,18 @@ /****************************** Public constants *****************************/ /*****************************************************************************/ -#define Log_PLATFORM_VERSION "SWAD 16.155.21 (2017-03-13)" +#define Log_PLATFORM_VERSION "SWAD 16.155.22 (2017-03-13)" #define CSS_FILE "swad16.147.css" #define JS_FILE "swad16.144.js" // Number of lines (includes comments but not blank lines) has been got with the following command: // nl swad*.c swad*.h css/swad*.css py/swad*.py js/swad*.js soap/swad*?.h sql/swad*.sql | tail -1 /* + Version 16.155.22:Mar 13, 2017 Adjusting size of database fields. (216957 lines) + 2 changes necessary in database: +ALTER TABLE places CHANGE COLUMN ShortName ShortName VARCHAR(511) NOT NULL; +ALTER TABLE places CHANGE COLUMN FullName FullName VARCHAR(2047) NOT NULL; + Version 16.155.21:Mar 13, 2017 Adjusting size of database fields. (216948 lines) 1 change necessary in database. ALTER TABLE pending_emails CHANGE COLUMN E_mail E_mail VARCHAR(255) COLLATE latin1_general_ci NOT NULL; diff --git a/swad_database.c b/swad_database.c index 397b158d..38f66c8b 100644 --- a/swad_database.c +++ b/swad_database.c @@ -1822,31 +1822,31 @@ mysql> DESCRIBE pending_passwd; 3 rows in set (0.00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS pending_passwd (" - "UsrCod INT NOT NULL," - "PendingPassword CHAR(86) COLLATE latin1_bin NOT NULL," - "DateAndTime DATETIME NOT NULL," - "PRIMARY KEY (UsrCod))"); + "UsrCod INT NOT NULL," + "PendingPassword CHAR(86) COLLATE latin1_bin NOT NULL," // Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + "DateAndTime DATETIME NOT NULL," + "PRIMARY KEY (UsrCod))"); /***** Table places *****/ /* mysql> DESCRIBE places; -+-----------+--------------+------+-----+---------+----------------+ -| Field | Type | Null | Key | Default | Extra | -+-----------+--------------+------+-----+---------+----------------+ -| PlcCod | int(11) | NO | PRI | NULL | auto_increment | -| InsCod | int(11) | NO | MUL | NULL | | -| ShortName | varchar(32) | NO | | NULL | | -| FullName | varchar(127) | NO | | NULL | | -+-----------+--------------+------+-----+---------+----------------+ -4 rows in set (0.00 sec) ++-----------+---------------+------+-----+---------+----------------+ +| Field | Type | Null | Key | Default | Extra | ++-----------+---------------+------+-----+---------+----------------+ +| PlcCod | int(11) | NO | PRI | NULL | auto_increment | +| InsCod | int(11) | NO | MUL | NULL | | +| ShortName | varchar(511) | NO | | NULL | | +| FullName | varchar(2047) | NO | | NULL | | ++-----------+---------------+------+-----+---------+----------------+ +4 rows in set (0,00 sec) */ DB_CreateTable ("CREATE TABLE IF NOT EXISTS places (" - "PlcCod INT NOT NULL AUTO_INCREMENT," - "InsCod INT NOT NULL," - "ShortName VARCHAR(32) NOT NULL," - "FullName VARCHAR(127) NOT NULL," - "UNIQUE INDEX(PlcCod)," - "INDEX(InsCod))"); + "PlcCod INT NOT NULL AUTO_INCREMENT," + "InsCod INT NOT NULL," + "ShortName VARCHAR(511) NOT NULL," // Plc_MAX_BYTES_PLACE_SHRT_NAME + "FullName VARCHAR(2047) NOT NULL," // Plc_MAX_BYTES_PLACE_FULL_NAME + "UNIQUE INDEX(PlcCod)," + "INDEX(InsCod))"); /***** Table plugins *****/ /* diff --git a/swad_global.h b/swad_global.h index 3efe6ebf..6dbbd450 100644 --- a/swad_global.h +++ b/swad_global.h @@ -295,8 +295,8 @@ struct Globals bool RoleHasChanged; // Set when I have changed my role char UsrIdLogin[Cns_MAX_BYTES_EMAIL_ADDRESS + 1]; // String to store the ID, nickname or email entered in the user's login char LoginPlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char LoginEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; - char PendingPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char LoginEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; + char PendingPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; char PathDir[PATH_MAX + 1]; bool Logged; bool IBelongToCurrentIns; diff --git a/swad_password.c b/swad_password.c index 94fbf9b2..79f22da6 100644 --- a/swad_password.c +++ b/swad_password.c @@ -106,7 +106,7 @@ bool Pwd_CheckCurrentPassword (void) bool Pwd_CheckPendingPassword (void) { - char Query[256 + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64]; + char Query[256]; MYSQL_RES *mysql_res; MYSQL_ROW row; @@ -119,7 +119,7 @@ bool Pwd_CheckPendingPassword (void) /* Get encrypted pending password */ row = mysql_fetch_row (mysql_res); Str_Copy (Gbl.Usrs.Me.PendingPassword,row[0], - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); } else Gbl.Usrs.Me.PendingPassword[0] = '\0'; @@ -138,7 +138,7 @@ bool Pwd_CheckPendingPassword (void) void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) { - char Query[128 + Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64]; + char Query[128 + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD]; /***** Update my current password in database *****/ sprintf (Query,"UPDATE usr_data SET Password='%s'" @@ -149,7 +149,7 @@ void Pwd_AssignMyPendingPasswordToMyCurrentPassword (void) /***** Update my current password *****/ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,Gbl.Usrs.Me.PendingPassword, - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); } /*****************************************************************************/ @@ -163,7 +163,7 @@ void Pwd_ActChgMyPwd1 (void) extern const char *Txt_You_have_not_entered_your_password_correctly; char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; char NewPlainPassword[2][Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char NewEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; /***** Get plain password from form *****/ Par_GetParToText ("UsrPwd",PlainPassword,Pwd_MAX_BYTES_PLAIN_PASSWORD); @@ -189,7 +189,7 @@ void Pwd_ActChgMyPwd1 (void) if (Pwd_SlowCheckIfPasswordIsGood (NewPlainPassword[0],NewEncryptedPassword,Gbl.Usrs.Me.UsrDat.UsrCod)) // New password is good? { Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); Ses_UpdateSessionDataInDB (); Enr_UpdateUsrData (&Gbl.Usrs.Me.UsrDat); sprintf (Gbl.Message,"%s",Txt_Your_password_has_been_changed_successfully); @@ -457,7 +457,7 @@ static void Pwd_CreateANewPassword (char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSW void Pwd_SetMyPendingPassword (char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]) { - char Query[512]; + char Query[256 + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD]; /***** Encrypt my pending password *****/ Cry_EncryptSHA512Base64 (PlainPassword,Gbl.Usrs.Me.PendingPassword); @@ -487,7 +487,7 @@ void Pwd_UpdateOtherPwd1 (void) extern const char *Txt_The_X_password_has_been_changed_successfully; extern const char *Txt_User_not_found_or_you_do_not_have_permission_; char NewPlainPassword[2][Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char NewEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; Gbl.Usrs.Error = true; @@ -511,7 +511,7 @@ void Pwd_UpdateOtherPwd1 (void) { /* Update other user's data */ Str_Copy (Gbl.Usrs.Other.UsrDat.Password,NewEncryptedPassword, - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); Enr_UpdateUsrData (&Gbl.Usrs.Other.UsrDat); sprintf (Gbl.Message,Txt_The_X_password_has_been_changed_successfully, @@ -926,7 +926,7 @@ bool Pwd_GetConfirmationOnDangerousAction (void) extern const char *Txt_You_have_not_confirmed_the_action; extern const char *Txt_You_have_not_entered_your_password_correctly; char PlainPassword[Pwd_MAX_BYTES_PLAIN_PASSWORD + 1]; - char EncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char EncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; /***** Get if consent has been done *****/ if (!Par_GetParToBool ("Consent")) diff --git a/swad_password.h b/swad_password.h index 3d0073b0..8f5f2411 100644 --- a/swad_password.h +++ b/swad_password.h @@ -37,6 +37,8 @@ #define Pwd_MAX_CHARS_PLAIN_PASSWORD (256 - 1) #define Pwd_MAX_BYTES_PLAIN_PASSWORD Pwd_MAX_CHARS_PLAIN_PASSWORD +#define Pwd_MAX_BYTES_ENCRYPTED_PASSWORD Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + /*****************************************************************************/ /***************************** Public prototypes *****************************/ /*****************************************************************************/ diff --git a/swad_place.c b/swad_place.c index 7b39e040..0d30123a 100644 --- a/swad_place.c +++ b/swad_place.c @@ -536,7 +536,7 @@ void Plc_RemovePlace (void) { extern const char *Txt_To_remove_a_place_you_must_first_remove_all_centres_of_that_place; extern const char *Txt_Place_X_removed; - char Query[512]; + char Query[128]; struct Place Plc; /***** Get place code *****/ @@ -846,12 +846,15 @@ void Plc_RecFormNewPlace (void) static void Plc_CreatePlace (struct Place *Plc) { extern const char *Txt_Created_new_place_X; - char Query[1024]; + char Query[256 + + Plc_MAX_BYTES_PLACE_SHRT_NAME + + Plc_MAX_BYTES_PLACE_FULL_NAME]; /***** Create a new place *****/ sprintf (Query,"INSERT INTO places" " (InsCod,ShortName,FullName)" - " VALUES ('%ld','%s','%s')", + " VALUES" + " ('%ld','%s','%s')", Gbl.CurrentIns.Ins.InsCod,Plc->ShrtName,Plc->FullName); DB_QueryINSERT (Query,"can not create place"); diff --git a/swad_session.c b/swad_session.c index 5738dc65..4e484563 100644 --- a/swad_session.c +++ b/swad_session.c @@ -290,7 +290,7 @@ bool Ses_GetSessionData (void) /***** Get password (row[1]) *****/ Str_Copy (Gbl.Usrs.Me.LoginEncryptedPassword,row[1], - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); /***** Get logged user type (row[2]) *****/ if (sscanf (row[2],"%u",&Gbl.Usrs.Me.RoleFromSession) != 1) diff --git a/swad_user.c b/swad_user.c index 3e1009f7..a1f88c7c 100644 --- a/swad_user.c +++ b/swad_user.c @@ -487,7 +487,7 @@ void Usr_GetUsrDataFromUsrCod (struct UsrData *UsrDat) /* Get encrypted password */ Str_Copy (UsrDat->Password,row[1], - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); /* Get roles */ UsrDat->RoleInCurrentCrsDB = Rol_GetRoleInCrs (Gbl.CurrentCrs.Crs.CrsCod,UsrDat->UsrCod); @@ -4886,7 +4886,7 @@ static void Usr_GetListUsrsFromQuery (const char *Query,Rol_Role_t Role,Sco_Scop /* Get encrypted password (row[2]) */ Str_Copy (UsrInList->Password,row[2], - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); /* Get user's surname 1 (row[3]) */ Str_Copy (UsrInList->Surname1,row[3], diff --git a/swad_user.h b/swad_user.h index 44702ee1..5bf5d775 100644 --- a/swad_user.h +++ b/swad_user.h @@ -38,6 +38,7 @@ #include "swad_layout.h" #include "swad_menu.h" #include "swad_nickname.h" +#include "swad_password.h" #include "swad_privacy_visibility_type.h" #include "swad_role_type.h" #include "swad_scope.h" @@ -125,7 +126,7 @@ struct UsrData unsigned Num; } IDs; char Nickname [Nck_MAX_BYTES_NICKNAME_WITHOUT_ARROBA + 1]; - char Password [Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char Password [Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; Rol_Role_t RoleInCurrentCrsDB; int Roles; // Check always if filled/calculated // >=0 ==> filled/calculated @@ -184,7 +185,7 @@ struct UsrInList { long UsrCod; char EncryptedUsrCod[Cry_BYTES_ENCRYPTED_STR_SHA256_BASE64 + 1]; - char Password[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char Password[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; char Surname1 [Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1]; char Surname2 [Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1]; char FirstName[Usr_MAX_BYTES_FIRSTNAME_OR_SURNAME + 1]; diff --git a/swad_web_service.c b/swad_web_service.c index 817b91f9..319f315e 100644 --- a/swad_web_service.c +++ b/swad_web_service.c @@ -644,7 +644,7 @@ int swad__createAccount (struct soap *soap, struct swad__createAccountOutput *createAccountOut) // output { char NewNicknameWithoutArroba[Nck_MAX_BYTES_NICKNAME_FROM_FORM + 1]; - char NewEncryptedPassword[Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64 + 1]; + char NewEncryptedPassword[Pwd_MAX_BYTES_ENCRYPTED_PASSWORD + 1]; int Result; int ReturnCode; @@ -681,7 +681,7 @@ int swad__createAccount (struct soap *soap, /***** Set password to the password typed by the user *****/ Str_Copy (Gbl.Usrs.Me.UsrDat.Password,NewEncryptedPassword, - Cry_LENGTH_ENCRYPTED_STR_SHA512_BASE64); + Pwd_MAX_BYTES_ENCRYPTED_PASSWORD); /***** User does not exist in the platform, so create him/her! *****/ Acc_CreateNewUsr (&Gbl.Usrs.Me.UsrDat,