Bug#1042824: Logging into SLBackup frontend returns error
There are actually two critical problems causing logins to fail: 1. usage of crypt() without a salt (not actually used for passwords but as a hash function for some homemade encryption, see https://salsa.debian.org/debian-edu-pkg-team/slbackup-php/-/blob/8eb0d468422cb3e06eed0092643d1bb4082f9b1c/src/index.php#L698) 2. a typo where the key is switched with the value while looping over an associative array which causes an exception with PHP 8 since the key is a string accessed as an associative array (see https://salsa.debian.org/debian-edu-pkg-team/slbackup-php/-/blob/8eb0d468422cb3e06eed0092643d1bb4082f9b1c/src/index.php#L48) -- Guido Berhoerster
Bug#1042824: Logging into SLBackup frontend returns error
Package: slbackup-php Version: 0.4.5-4 When logging into https://www/slbackup-php/ (after enabling password login for root) on DebianEdu the server returns HTTP error 500. The following is logged in error.log: [Tue Aug 01 14:37:40.377047 2023] [php:error] [pid 508014] [client 10.0.2.2:47888] PHP Fatal error: Uncaught ArgumentCountError: crypt() expects exactly 2 arguments, 1 given in /usr/share/slbackup-php/web/index.php:698\nStack trace:\n#0 /usr/share/slbackup-php/web/index.php(698): crypt()\n#1 {main}\n thrown in /usr/share/slbackup-php/web/index.php on line 698, referer: https://www/slbackup-php/index.php -- Guido Berhoerster