Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F860061
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Wed, Apr 30, 3:22 AM
Size
5 KB
Mime Type
text/x-diff
Expires
Fri, May 2, 3:22 AM (1 d, 15 h)
Engine
blob
Format
Raw Data
Handle
611765
Attached To
rINP In-Portal
in-portal
View Options
Index: branches/5.0.x/core/kernel/utility/formatters/password_formatter.php
===================================================================
--- branches/5.0.x/core/kernel/utility/formatters/password_formatter.php (revision 12278)
+++ branches/5.0.x/core/kernel/utility/formatters/password_formatter.php (revision 12279)
@@ -1,128 +1,129 @@
<?php
/**
* @version $Id$
* @package In-Portal
* @copyright Copyright (C) 1997 - 2009 Intechnic. All rights reserved.
* @license GNU/GPL
* In-Portal is Open Source software.
* This means that this software may have been modified pursuant
* the GNU General Public License, and as distributed it includes
* or is derivative of works licensed under the GNU General Public License
* or other free or open source software licenses.
* See http://www.in-portal.net/license/ for copyright notices and details.
*/
class kPasswordFormatter extends kFormatter
{
function PrepareOptions($field_name, &$field_options, &$object)
{
if( isset( $field_options['verify_field'] ) )
{
$add_fields = Array();
$options = Array('master_field' => $field_name, 'formatter' => 'kPasswordFormatter');
if (isset($field_options['encryption_method'])) {
$options['encryption_method'] = $field_options['encryption_method'];
}
if (isset($field_options['salt'])) {
$options['salt'] = $field_options['salt'];
}
if (isset($field_options['required'])) {
$options['required'] = $field_options['required'];
}
$add_fields[ $field_options['verify_field'] ] = $options;
$add_fields[$field_name.'_plain'] = Array('type'=>'string', 'error_field'=>$field_name);
$add_fields[ $field_options['verify_field'].'_plain' ] = Array('type'=>'string', 'error_field'=>$field_options['verify_field'] );
$add_fields = array_merge_recursive2($add_fields, $object->VirtualFields);
$object->setVirtualFields($add_fields);
}
}
function Format($value, $field_name, &$object, $format=null)
{
return $value;
}
/**
* Performs password & verify password field validation
*
* @param mixed $value
* @param string $field_name
* @param kDBItem $object
* @return string
*/
function Parse($value, $field_name, &$object)
{
$options = $object->GetFieldOptions($field_name);
$fields = Array('master_field','verify_field');
$fields_set = true;
$flip_count = 0;
while($flip_count < 2)
{
if( getArrayValue($options,$fields[0]) )
{
$object->SetDBField($field_name.'_plain', $value);
if( !getArrayValue($object->Fields[ $options[ $fields[0] ] ], $fields[1].'_set') )
{
$object->Fields[ $options[ $fields[0] ] ][$fields[1].'_set'] = true;
}
$password_field = $options[ $fields[0] ];
$verify_field = $field_name;
}
$fields = array_reverse($fields);
$flip_count++;
}
$salt = isset($object->Fields[$password_field]['salt']) ? $object->Fields[$password_field]['salt'] : '';
if( getArrayValue($object->Fields[$password_field], 'verify_field_set') && getArrayValue($object->Fields[$verify_field], 'master_field_set') )
{
$new_password = $object->GetDBField($password_field.'_plain');
$verify_password = $object->GetDBField($verify_field.'_plain');
if($new_password == '' && $verify_password == '')
{
- if( $object->GetDBField($password_field) != $this->EncryptPassword('', $salt) )
- {
- if ($options['encryption_method'] == 'plain') return $value;
+ if( $object->GetDBField($password_field) != $this->EncryptPassword('', $salt) ) {
+ if ($options['encryption_method'] == 'plain') {
+ return $value;
+ }
+
return $this->EncryptPassword($value);
}
- else
- {
+ else {
$object->Fields[$password_field.'_plain']['required'] = true;
$object->Fields[$verify_field.'_plain']['required'] = true;
+
return null;
}
}
- $min_length = $this->Application->ConfigValue('Min_Password');
- if (mb_strlen($new_password) >= $min_length) {
- if ($new_password != $verify_password) {
- $object->SetError($password_field, 'passwords_do_not_match', 'lu_passwords_do_not_match');
- $object->SetError($verify_field, 'passwords_do_not_match', 'lu_passwords_do_not_match');
- }
+ if ($new_password != $verify_password) {
+ // passwords don't match (no matter what is their length)
+ $object->SetError($verify_field, 'passwords_do_not_match', 'lu_passwords_do_not_match');
}
- else {
- $error_msg = '+'.sprintf($this->Application->Phrase('lu_passwords_too_short'), $min_length); // + -> not phrase
+
+ $min_length = $this->Application->ConfigValue('Min_Password'); // for error message too
+
+ if (mb_strlen($new_password) < $min_length) {
+ $error_msg = '+' . sprintf($this->Application->Phrase('lu_passwords_too_short'), $min_length); // + -> not phrase
$object->SetError($password_field, 'passwords_min_length', $error_msg);
- $object->SetError($verify_field, 'passwords_min_length', $error_msg);
}
}
if($value == '') return $object->GetDBField($field_name);
if ($options['encryption_method'] == 'plain') return $value;
return $this->EncryptPassword($value, $salt);
}
function EncryptPassword($value, $salt=null)
{
if (!isset($salt) || !$salt) {
// if empty salt, assume, that it's not passed at all
return md5($value);
}
return md5(md5($value).$salt);
}
}
\ No newline at end of file
Event Timeline
Log In to Comment