fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-07 10:41:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix truncated password hash for documents and comments written by non-members, if member module is configured to use a hashing algorithm that produces more than 60 chars

Browse source
This commit is contained in:
Kijin Sung 2023-06-19 01:59:27 +09:00
parent 10cd76d0be
commit f34c27c26b
3 changed files with 31 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/document/document.controller.php
View file

@ -623,7 +623,7 @@ class DocumentController extends Document
// Check the status of password hash for manually inserting. Apply hashing for otherwise.
if($obj->password && !$obj->password_is_hashed)
{
$obj->password = MemberModel::hashPassword($obj->password);
$obj->password = \Rhymix\Framework\Password::hashPassword($obj->password, \Rhymix\Framework\Password::getBackwardCompatibleAlgorithm());
}
// Insert member's information only if the member is logged-in and not manually registered.
@ -901,7 +901,7 @@ class DocumentController extends Document
// Hash the password if it exists
if($obj->password)
{
$obj->password = MemberModel::hashPassword($obj->password);
$obj->password = \Rhymix\Framework\Password::hashPassword($obj->password, \Rhymix\Framework\Password::getBackwardCompatibleAlgorithm());
}
// If an author is identical to the modifier or history is used, use the logged-in user's information.