Commit 96eb34b9 authored by Carsten  Rose's avatar Carsten Rose
Browse files

First implementation. Does not work with T3 7.6. Unknown if it works with 8.x

parent 58852778
Pipeline #1473 passed with stage
in 2 minutes and 20 seconds
...@@ -712,6 +712,7 @@ const TOKEN_ESCAPE_COLON = 'C'; ...@@ -712,6 +712,7 @@ const TOKEN_ESCAPE_COLON = 'C';
const TOKEN_ESCAPE_LDAP_FILTER = 'l'; const TOKEN_ESCAPE_LDAP_FILTER = 'l';
const TOKEN_ESCAPE_LDAP_DN = 'L'; const TOKEN_ESCAPE_LDAP_DN = 'L';
const TOKEN_ESCAPE_MYSQL = 'm'; const TOKEN_ESCAPE_MYSQL = 'm';
const TOKEN_ESCAPE_PASSWORD_T3FE = 'p';
const TOKEN_ESCAPE_NONE = '-'; const TOKEN_ESCAPE_NONE = '-';
// Workaround for PHP < 5.6.0 // Workaround for PHP < 5.6.0
......
...@@ -12,6 +12,7 @@ use qfq; ...@@ -12,6 +12,7 @@ use qfq;
require_once(__DIR__ . '/../core/store/Store.php'); require_once(__DIR__ . '/../core/store/Store.php');
require_once(__DIR__ . '/../core/database/Database.php'); require_once(__DIR__ . '/../core/database/Database.php');
require_once(__DIR__ . '/../core/typo3/FePassword.php');
require_once(__DIR__ . '/helper/Support.php'); require_once(__DIR__ . '/helper/Support.php');
require_once(__DIR__ . '/helper/OnString.php'); require_once(__DIR__ . '/helper/OnString.php');
require_once(__DIR__ . '/helper/KeyValueStringParser.php'); require_once(__DIR__ . '/helper/KeyValueStringParser.php');
...@@ -390,6 +391,10 @@ class Evaluate { ...@@ -390,6 +391,10 @@ class Evaluate {
break; break;
case TOKEN_ESCAPE_NONE: // do nothing case TOKEN_ESCAPE_NONE: // do nothing
break; break;
case TOKEN_ESCAPE_PASSWORD_T3FE:
$fePassword = new FePassword();
$value = $fePassword->getHash($value);
break;
default: default:
throw new UserFormException("Unknown escape qualifier: $escape", UNKNOWN_TYPE); throw new UserFormException("Unknown escape qualifier: $escape", UNKNOWN_TYPE);
break; break;
......
...@@ -37,6 +37,10 @@ class ErrorHandler { ...@@ -37,6 +37,10 @@ class ErrorHandler {
$store = Store::getInstance(); $store = Store::getInstance();
if($store->getVar(SYSTEM_THROW_GENERAL_ERROR, STORE_SYSTEM) == 'yes'){ if($store->getVar(SYSTEM_THROW_GENERAL_ERROR, STORE_SYSTEM) == 'yes'){
// Check if the error happens inside TYPO3 - don't care.
// if(strpos($file,'/typo3_src')){
// return false;
// }
// Do not show too much to the user. E.g. 'ldap_bind()' might have problems, but the user should not see the // Do not show too much to the user. E.g. 'ldap_bind()' might have problems, but the user should not see the
// file and line number. Often the filename is part of the message >> don't show the message to the user. // file and line number. Often the filename is part of the message >> don't show the message to the user.
throw new CodeException(json_encode( throw new CodeException(json_encode(
......
<?php
/**
* Created by PhpStorm.
* User: crose
* Date: 2/1/19
* Time: 10:31 PM
*/
namespace qfq;
use TYPO3\CMS\Saltedpasswords\Salt\SaltFactory;
use TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility;
use qfq;
/**
* Class FePassword
* @package qfq
*/
class FePassword {
/**
* Based on https://github.com/derhansen/fe_change_pwd/blob/master/Classes/Service/FrontendUserService.php
* @param string $newPassword
* @return string
*/
public function getHash($newPassword) {
// Use md5 as fallback
$password = md5($newPassword);
// If salted passwords is enabled, salt the new password
if (SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = SaltFactory::getSaltingInstance(null);
if (is_object($objSalt)) {
$password = $objSalt->getHashedPassword($newPassword);
}
}
$userTable = $GLOBALS['TSFE']->fe_user()->user_table;
$userUid = $GLOBALS['TSFE']->fe_user()->user['uid'];
return $password;
// $sql = "UPDATE $userTable SET password=? WHERE uid=?" $password $uid
}
}
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment