Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
typo3
qfq
Commits
4cc6bd5c
Commit
4cc6bd5c
authored
Feb 07, 2019
by
Marc Egger
Browse files
Password.php: fix password hashing and add password checking
parent
cec9014c
Pipeline
#1493
passed with stage
in 2 minutes and 5 seconds
Changes
1
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
extension/Source/core/typo3/Password.php
View file @
4cc6bd5c
...
...
@@ -26,25 +26,47 @@ class Password {
* @return string
*/
public
function
getHash
(
$newPassword
)
{
// Use md5 as fallback
$password
=
md5
(
$newPassword
);
// $dataHandler = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Core\DataHandling\DataHandler::class);
//$dataHandler->start([], $cmd);
//$dataHandler->process_cmdmap();
if
(
!
isset
(
$GLOBALS
[
'TSFE'
]))
{
//TODO: Get absolute 'path' via QFQ config
require
__DIR__
.
'/../../../../../../typo3_src/vendor/autoload.php'
;
}
$saltedPassword
=
md5
(
$newPassword
);
// Use md5 as fallback
$this
->
t3AutoloadIfNotRunning
();
if
(
\
TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility
::
isUsageEnabled
(
'FE'
))
{
$objSalt
=
\
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory
::
getSaltingInstance
(
NULL
);
if
(
is_object
(
$objSalt
))
{
$password
=
$objSalt
->
getHashedPassword
(
$password
);
$saltedPassword
=
$objSalt
->
getHashedPassword
(
$newPassword
);
}
}
return
$saltedPassword
;
}
/**
* Based on https://docs.typo3.org/typo3cms/extensions/saltedpasswords/8.7/DevelopersGuide/Index.html
* Check if the salted password corresponds to the password.
*
* @param string $saltedPassword
* @param string $password
* @return bool
*/
public
function
checkPassword
(
$saltedPassword
,
$password
)
{
$this
->
t3AutoloadIfNotRunning
();
$success
=
FALSE
;
if
(
\
TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility
::
isUsageEnabled
(
'FE'
))
{
$objSalt2
=
\
TYPO3\CMS\Saltedpasswords\Salt\SaltFactory
::
getSaltingInstance
(
$saltedPassword
);
if
(
is_object
(
$objSalt2
))
{
$success
=
$objSalt2
->
checkPassword
(
$password
,
$saltedPassword
);
}
}
return
$success
;
}
/**
* Load Typo3 autoloader if Typo3 is not instantiated
*/
public
function
t3AutoloadIfNotRunning
()
{
return
$password
;
if
(
!
isset
(
$GLOBALS
[
'TSFE'
]))
{
//TODO: Get absolute 'path' via QFQ config
require
__DIR__
.
'/../../../../../../typo3_src/vendor/autoload.php'
;
}
}
}
\ No newline at end of file
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
