backup/nopasswords MDL-20383 Backups are now never saved with user pa…

…sswords unless the admin has defined $CFG->includeuserbackupsinpasswords in config.php (Merged from 1.9) Credits to Eloy

backup/backuplib.php

@@ -1340,7 +1340,11 @@ function backup_user_info ($bf,$preferences) {
                 fwrite ($bf,full_tag("POLICYAGREED",4,false,$user->policyagreed));
                 fwrite ($bf,full_tag("DELETED",4,false,$user->deleted));
                 fwrite ($bf,full_tag("USERNAME",4,false,$user->username));
-                fwrite ($bf,full_tag("PASSWORD",4,false,$user->password));
+                // Prevent user passwords in backup files unless
+                // $CFG->includeuserpasswordsinbackup is defined. MDL-20838
+                if (!empty($CFG->includeuserpasswordsinbackup)) {
+                    fwrite ($bf,full_tag("PASSWORD",4,false,$user->password));
+                }
                 fwrite ($bf,full_tag("IDNUMBER",4,false,$user->idnumber));
                 fwrite ($bf,full_tag("FIRSTNAME",4,false,$user->firstname));
                 fwrite ($bf,full_tag("LASTNAME",4,false,$user->lastname));

config-dist.php

@@ -152,6 +152,13 @@
 // Useful for webhost operators who have alternate methods of backups
 //      $CFG->disablescheduledbackups = true;
 //
+// Allow user passwords to be included in backup files. Very dangerous
+// setting as far as it publishes password hashes that can be unencrypted
+// if the backup file is publicy available. Use it only if you can guarantee
+// that all your backup files remain only privacy available and are never
+// shared out from your site/institution!
+//      $CFG->includeuserpasswordsinbackup = true;
+//
 // Prevent stats processing and hide the GUI
 //      $CFG->disablestatsprocessing = true;
 //