Update all references to old Password class

Kijin Sung 2016-03-13 23:39:31 +09:00
parent f4dc7e6b21
commit 9d6284faad
8 changed files with 53 additions and 58 deletions


@ -166,8 +166,7 @@ class memberAdminController extends member
'update_nickname_log'
);
$oPassword = new Password();
if(!array_key_exists($args->password_hashing_algorithm, $oPassword->getSupportedAlgorithms()))
if(!array_key_exists($args->password_hashing_algorithm, Rhymix\Framework\Password::getSupportedAlgorithms()))
{
$args->password_hashing_algorithm = 'md5';
}
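Review bot: The fallback branch kept as context in this hunk still assigns `'md5'` when the submitted `password_hashing_algorithm` is not among `getSupportedAlgorithms()`, so an unexpected or mistyped value silently selects the weakest option. This commit already calls `Rhymix\Framework\Password::getBestSupportedAlgorithm()` for the default in the `member` class, and the same call would be a safer fallback here: `$args->password_hashing_algorithm = Rhymix\Framework\Password::getBestSupportedAlgorithm();`. The enclosing method starts and ends outside the hunk, so whether rejecting the request with an error would fit better cannot be judged from these lines.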


@ -129,8 +129,7 @@ class memberAdminView extends member
*/
public function dispMemberAdminConfig()
{
$oPassword = new Password();
Context::set('password_hashing_algos', $oPassword->getSupportedAlgorithms());
Context::set('password_hashing_algos', Rhymix\Framework\Password::getSupportedAlgorithms());
$this->setTemplateFile('default_config');
}


@ -73,8 +73,7 @@ class member extends ModuleObject {
if(!$config->password_hashing_algorithm)
{
$oPassword = new Password();
$config->password_hashing_algorithm = $oPassword->getBestAlgorithm();
$config->password_hashing_algorithm = Rhymix\Framework\Password::getBestSupportedAlgorithm();
}
if(!$config->password_hashing_work_factor)
{


@ -984,12 +984,11 @@ class memberController extends member
}
// Insert data into the authentication DB
$oPassword = new Password();
$args = new stdClass();
$args->user_id = $member_info->user_id;
$args->member_srl = $member_info->member_srl;
$args->new_password = $oPassword->createTemporaryPassword(8);
$args->auth_key = $oPassword->createSecureSalt(40);
$args->new_password = Rhymix\Framework\Password::getRandomPassword(8);
$args->auth_key = Rhymix\Framework\Security::getRandom(40, 'hex');
$args->is_register = 'N';
$output = executeQuery('member.insertAuthMail', $args);
@ -1093,8 +1092,7 @@ class memberController extends member
}
// Update to a temporary password and set change_password_date to 1
$oPassword = new Password();
$temp_password = $oPassword->createTemporaryPassword(8);
$temp_password = Rhymix\Framework\Password::getRandomPassword(8);
$args = new stdClass();
$args->member_srl = $member_srl;
@ -1323,12 +1321,11 @@ class memberController extends member
$this->_clearMemberCache($args->member_srl);
// generate new auth key
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $memberInfo->user_id;
$auth_args->member_srl = $memberInfo->member_srl;
$auth_args->new_password = $memberInfo->password;
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->auth_key = Rhymix\Framework\Security::getRandom(40, 'hex');
$auth_args->is_register = 'Y';
$output = executeQuery('member.insertAuthMail', $auth_args);
@ -1813,8 +1810,7 @@ class memberController extends member
if($keep_signed)
{
// Key generate for auto login
$oPassword = new Password();
$random_key = $oPassword->createSecureSalt(32, 'hex');
$random_key = Rhymix\Framework\Security::getRandom(32, 'hex');
$extra_key = strtolower($user_id).$this->memberInfo->password.$_SERVER['HTTP_USER_AGENT'];
$extra_key = substr(hash_hmac('sha256', $extra_key, $random_key), 0, 32);
$autologin_args = new stdClass;
@ -2091,12 +2087,11 @@ class memberController extends member
if($args->denied == 'Y')
{
// Insert data into the authentication DB
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $args->user_id;
$auth_args->member_srl = $args->member_srl;
$auth_args->new_password = $args->password;
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->auth_key = Rhymix\Framework\Security::getRandom(40, 'hex');
$auth_args->is_register = 'Y';
$output = executeQuery('member.insertAuthMail', $auth_args);
@ -2552,11 +2547,10 @@ class memberController extends member
}
unset($_SESSION['rechecked_password_step']);
$oPassword = new Password();
$auth_args = new stdClass();
$auth_args->user_id = $newEmail;
$auth_args->member_srl = $member_info->member_srl;
$auth_args->auth_key = $oPassword->createSecureSalt(40);
$auth_args->auth_key = Rhymix\Framework\Security::getRandom(40, 'hex');
$auth_args->new_password = 'XE_change_emaill_address';
$oDB = &DB::getInstance();
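Review bot: Both `getRandomPassword(8)` calls (the hunks at -984 and -1093) keep the temporary password at eight characters, while the auth keys in the same file get 40 hex characters from `Security::getRandom(40, 'hex')`. Going by the comment in the -1093 hunk, that value is set as the member's password until it is changed, so a longer one costs nothing, e.g. `$temp_password = Rhymix\Framework\Password::getRandomPassword(16);`, with the same change for `$args->new_password`. The character set `getRandomPassword()` draws from is not visible here, so the actual strength at length 8 should be checked against its implementation. Every hunk in this file cuts through its enclosing method.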


@ -1107,10 +1107,19 @@ class memberModel extends member
}
// Check the password
$oPassword = new Password();
$current_algorithm = $oPassword->checkAlgorithm($hashed_password);
$match = $oPassword->checkPassword($password_text, $hashed_password, $current_algorithm);
if(!$match)
$password_match = false;
$current_algorithm = false;
$possible_algorithms = Rhymix\Framework\Password::checkAlgorithm($hashed_password);
foreach ($possible_algorithms as $algorithm)
{
if (Rhymix\Framework\Password::checkPassword($password_text, $hashed_password, $algorithm))
{
$password_match = true;
$current_algorithm = $algorithm;
break;
}
}
if (!$password_match)
{
return false;
}
@ -1119,22 +1128,26 @@ class memberModel extends member
$config = $this->getMemberConfig();
if($member_srl > 0 && $config->password_hashing_auto_upgrade != 'N')
{
$need_upgrade = false;
if(!$need_upgrade)
$required_algorithm = Rhymix\Framework\Password::getDefaultAlgorithm();
if ($required_algorithm !== $current_algorithm)
{
$required_algorithm = $oPassword->getCurrentlySelectedAlgorithm();
if($required_algorithm !== $current_algorithm) $need_upgrade = true;
$need_upgrade = true;
}
else
{
$required_work_factor = Rhymix\Framework\Password::getWorkFactor();
$current_work_factor = Rhymix\Framework\Password::checkWorkFactor($hashed_password);
if ($current_work_factor !== false && $required_work_factor > $current_work_factor)
{
$need_upgrade = true;
}
else
{
$need_upgrade = false;
}
}
if(!$need_upgrade)
{
$required_work_factor = $oPassword->getWorkFactor();
$current_work_factor = $oPassword->checkWorkFactor($hashed_password);
if($current_work_factor !== false && $required_work_factor > $current_work_factor) $need_upgrade = true;
}
if($need_upgrade === true)
if ($need_upgrade)
{
$args = new stdClass();
$args->member_srl = $member_srl;
@ -1155,8 +1168,7 @@ class memberModel extends member
*/
function hashPassword($password_text, $algorithm = null)
{
$oPassword = new Password();
return $oPassword->createHash($password_text, $algorithm);
return Rhymix\Framework\Password::hashPassword($password_text, $algorithm);
}
function checkPasswordStrength($password, $strength)
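Review bot: The candidate loop added in the -1107 hunk has no comment saying why several algorithms are tried, nor that the first one to verify becomes `$current_algorithm` and so drives the upgrade decision in the following hunk. A short comment above the `foreach` would make that dependency visible, for example `// A stored hash may fit more than one format; the first candidate that verifies is used for the auto-upgrade check below.` In the -1119 hunk the three separate assignments to `$need_upgrade` could be reduced by starting from `$need_upgrade = ($required_algorithm !== $current_algorithm);` and consulting the work factor only when that is false. The enclosing method starts before the first hunk and continues past the second.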