fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-12 07:11:42 +09:00
Code Issues Projects Releases Packages Wiki Activity

문서 및 댓글 모듈에서 비회원 비번 해싱에 회원모듈과 같은 알고리듬을 사용하도록 변경

Browse source
This commit is contained in:
Kijin Sung 2015-03-06 15:14:03 +09:00
parent b7a07b0374
commit aa7db04a91
2 changed files with 13 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

6
modules/comment/comment.controller.php
View file

@ -253,10 +253,10 @@ class commentController extends comment
// get a object of document model // get a object of document model
$oDocumentModel = getModel('document'); $oDocumentModel = getModel('document');
// even for manual_inserted if password exists, md5 it. // even for manual_inserted if password exists, hash it.
if($obj->password) if($obj->password)
{ {
$obj->password = md5($obj->password); $obj->password = getModel('member')->hashPassword($obj->password);
} }
// get the original posting // get the original posting
@ -677,7 +677,7 @@ class commentController extends comment
if($obj->password) if($obj->password)
{ {
$obj->password = md5($obj->password); $obj->password = getModel('member')->hashPassword($obj->password);
} }
if($obj->homepage) if($obj->homepage)

14
modules/document/document.controller.php
View file

@ -251,8 +251,11 @@ class documentController extends document
if(!$obj->readed_count) $obj->readed_count = 0; if(!$obj->readed_count) $obj->readed_count = 0;
if($isLatest) $obj->update_order = $obj->list_order = $obj->document_srl * -1; if($isLatest) $obj->update_order = $obj->list_order = $obj->document_srl * -1;
else $obj->update_order = $obj->list_order; else $obj->update_order = $obj->list_order;
// Check the status of password hash for manually inserting. Apply md5 hashing for otherwise. // Check the status of password hash for manually inserting. Apply hashing for otherwise.
if($obj->password && !$obj->password_is_hashed) $obj->password = md5($obj->password); if($obj->password && !$obj->password_is_hashed)
{
$obj->password = getModel('member')->hashPassword($obj->password);
}
// Insert member's information only if the member is logged-in and not manually registered. // Insert member's information only if the member is logged-in and not manually registered.
$logged_info = Context::get('logged_info'); $logged_info = Context::get('logged_info');
if(Context::get('is_logged') && !$manual_inserted && !$isRestore) if(Context::get('is_logged') && !$manual_inserted && !$isRestore)
@ -437,8 +440,11 @@ class documentController extends document
} }
// Change the update order // Change the update order
$obj->update_order = getNextSequence() * -1; $obj->update_order = getNextSequence() * -1;
// Hash by md5 if the password exists // Hash the password if it exists
if($obj->password) $obj->password = md5($obj->password); if($obj->password)
{
$obj->password = getModel('member')->hashPassword($obj->password);
}
// If an author is identical to the modifier or history is used, use the logged-in user's information. // If an author is identical to the modifier or history is used, use the logged-in user's information.
if(Context::get('is_logged')) if(Context::get('is_logged'))
{ {