makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-28 14:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/12352] Use correct hashing method in md5_mybb driver

Browse source 
PHPBB3-12352
This commit is contained in:
Marc Alexander 2014-05-29 12:13:02 +02:00
parent af25aef04c
commit 252a061864
2 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
phpBB/phpbb/passwords/driver/md5_mybb.php
View file

@ -46,7 +46,15 @@ class md5_mybb extends base
*/
public function check($password, $hash, $user_row = array())
{
return (!empty($hash) && isset($user_row['user_passwd_salt'])) ? $hash === md5($user_row['user_passwd_salt'] . md5($password)) : false;
if (empty(hash) || !isset($user_row['user_passwd_salt']))
{
return false;
}
else
{
// Works for myBB 1.1.x, 1.2.x, 1.4.x, 1.6.x
return $hash === md5(md5($user_row['user_passwd_salt']) . md5($password));
}
}
/**

2
tests/passwords/drivers_test.php
View file

@ -178,7 +178,7 @@ class phpbb_passwords_helper_test extends \phpbb_test_case
return array(
array(false, 'foobar', '083d11daea8675b1b4b502c7e55f8dbd'),
array(false, 'foobar', '083d11daea8675b1b4b502c7e55f8dbd', array('user_passwd_salt' => 'ae2fc75e')),
array(true, 'foobar', '6022de2cc0ecf59ff14b57c6205ee170', array('user_passwd_salt' => 'ae2fc75e')),
array(true, 'foobar', 'b86ee7e24008bfd2890dcfab1ed31333', array('user_passwd_salt' => 'yeOtfFO6')),
);
}