fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improvement hashPassword hashType

Browse Source
This commit is contained in:
Marco Antonio Nina
2014-10-02 15:32:20 -04:00
parent bd41c076bf
commit 402e98d0f8
2 changed files with 10 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
gulliver/system/class.bootstrap.php
View File

@@ -2860,16 +2860,16 @@ class Bootstrap
} }
} }
public function getConfigHashPassword() public function getPasswordHashType()
{ {
G::LoadClass( "configuration" ); G::LoadClass( "configuration" );
$config= new Configurations(); $config= new Configurations();
return $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', ''); return $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');
} }
public function hashPassword($pass, $config = '', $includeHash = false, $hashOld = false) public function hashPassword($pass, $hashType = '', $includeHashType = false, $hashOld = false)
{ {
$typeEncrypt = ($config != '') ? $config : Bootstrap::getConfigHashPassword(); $typeEncrypt = ($hashType != '') ? $hashType : Bootstrap::getPasswordHashType();
$encrypt = 'md5'; $encrypt = 'md5';
if ($typeEncrypt != null) { if ($typeEncrypt != null) {
if (isset($typeEncrypt['current']) && $typeEncrypt['current'] != '') { if (isset($typeEncrypt['current']) && $typeEncrypt['current'] != '') {
@@ -2879,7 +2879,7 @@ class Bootstrap
$encrypt = $typeEncrypt['previous']; $encrypt = $typeEncrypt['previous'];
} }
} }
if ($includeHash) { if ($includeHashType) {
$var = $encrypt . ':' . $pass; $var = $encrypt . ':' . $pass;
} else { } else {
eval("\$var = hash('" . $encrypt . "', '" . $pass . "');"); eval("\$var = hash('" . $encrypt . "', '" . $pass . "');");
@@ -2890,13 +2890,13 @@ class Bootstrap
public function verifyHashPassword ($pass, $userPass) public function verifyHashPassword ($pass, $userPass)
{ {
$config = Bootstrap::getConfigHashPassword(); $hashType = Bootstrap::getPasswordHashType();
if (Bootstrap::hashPassword($pass, $config) == $userPass if (Bootstrap::hashPassword($pass, $hashType) == $userPass
|| Bootstrap::hashPassword($pass, $config, true) == $userPass) { || Bootstrap::hashPassword($pass, $hashType, true) == $userPass) {
return true; return true;
} }
if (Bootstrap::hashPassword($pass, $config, false, true) == $userPass if (Bootstrap::hashPassword($pass, $hashType, false, true) == $userPass
|| Bootstrap::hashPassword($pass, $config, true, true) == $userPass) { || Bootstrap::hashPassword($pass, $hashType, true, true) == $userPass) {
return true; return true;
} }
return false; return false;

2
workflow/engine/methods/login/changePassword.php
View File

@@ -5,7 +5,7 @@ $aUser = $oUser->load($_SESSION['USER_LOGGED']);
global $RBAC; global $RBAC;
$aData['USR_UID'] = $aUser['USR_UID']; $aData['USR_UID'] = $aUser['USR_UID'];
$aData['USR_USERNAME'] = $aUser['USR_USERNAME']; $aData['USR_USERNAME'] = $aUser['USR_USERNAME'];
$aData['USR_PASSWORD'] = Bootstrap::hasPassword($_POST['form']['USR_PASSWORD']); $aData['USR_PASSWORD'] = Bootstrap::hashPassword($_POST['form']['USR_PASSWORD']);
$aData['USR_FIRSTNAME'] = $aUser['USR_FIRSTNAME']; $aData['USR_FIRSTNAME'] = $aUser['USR_FIRSTNAME'];
$aData['USR_LASTNAME'] = $aUser['USR_LASTNAME']; $aData['USR_LASTNAME'] = $aUser['USR_LASTNAME'];
$aData['USR_EMAIL'] = $aUser['USR_EMAIL']; $aData['USR_EMAIL'] = $aUser['USR_EMAIL'];