Wocanilo/adAS.patch

## adAS.patch
 diff -Naur adas-1.7.0/adas-admin/lib/command/logs/LogHelper.class.php adas-1.7.1/adas-admin/lib/command/logs/LogHelper.class.php
--- adas-1.7.0/adas-admin/lib/command/logs/LogHelper.class.php	2017-04-04 19:01:47.000000000 +0200
+++ adas-1.7.1/adas-admin/lib/command/logs/LogHelper.class.php	2019-09-15 17:24:17.145398700 +0200
@@ -171,7 +171,7 @@
                 $logs[$id_thread]["logs"][] = array(
                     'hour' => $data["timestamp"],
                     'mode' => $data["level"],
-                    'msg'  => $data["message"],
+                    'msg'  => htmlentities($data["message"]),
                 );
             }
         }
diff -Naur adas-1.7.0/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php adas-1.7.1/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php
--- adas-1.7.0/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php	2017-04-04 19:01:47.000000000 +0200
+++ adas-1.7.1/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php	2019-09-15 17:07:29.838858000 +0200
@@ -79,7 +79,7 @@
             if (!is_callable($alg_pw)) {
                 ConfigManager::includeCallbacks();
             }
-            $parsed_password = call_user_func($alg_pw, $password);
+            $parsed_password = hash($alg_pw, $password);
         }

         $stored_password = null;
@@ -91,7 +91,7 @@
         for ($i = 0; $i < $data_server_count; $i++) {
             $stored_password = $data_server[$i];

-            $res = $parsed_password == $stored_password;
+            $res = $parsed_password === $stored_password;

             if ($res == true) {
                 $userID = $this->getUserID($username);
	diff -Naur adas-1.7.0/adas-admin/lib/command/logs/LogHelper.class.php adas-1.7.1/adas-admin/lib/command/logs/LogHelper.class.php
	--- adas-1.7.0/adas-admin/lib/command/logs/LogHelper.class.php 2017-04-04 19:01:47.000000000 +0200
	+++ adas-1.7.1/adas-admin/lib/command/logs/LogHelper.class.php 2019-09-15 17:24:17.145398700 +0200
	@@ -171,7 +171,7 @@
	$logs[$id_thread]["logs"][] = array(
	'hour' => $data["timestamp"],
	'mode' => $data["level"],
	- 'msg' => $data["message"],
	+ 'msg' => htmlentities($data["message"]),
	);
	}
	}
	diff -Naur adas-1.7.0/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php adas-1.7.1/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php
	--- adas-1.7.0/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php 2017-04-04 19:01:47.000000000 +0200
	+++ adas-1.7.1/adas-sso/lib/usermanagement/authn/db/DBUserAuth.class.php 2019-09-15 17:07:29.838858000 +0200
	@@ -79,7 +79,7 @@
	if (!is_callable($alg_pw)) {
	ConfigManager::includeCallbacks();
	}
	- $parsed_password = call_user_func($alg_pw, $password);
	+ $parsed_password = hash($alg_pw, $password);
	}

	$stored_password = null;
	@@ -91,7 +91,7 @@
	for ($i = 0; $i < $data_server_count; $i++) {
	$stored_password = $data_server[$i];

	- $res = $parsed_password == $stored_password;
	+ $res = $parsed_password === $stored_password;

	if ($res == true) {
	$userID = $this->getUserID($username);