| [ Index ] |
PHP Cross Reference of phpBB-3.2.11-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 namespace phpbb\passwords\driver; 15 16 class md5_phpbb2 extends base 17 { 18 const PREFIX = '$md5_phpbb2$'; 19 20 /** @var \phpbb\request\request phpBB request object */ 21 protected $request; 22 23 /** @var \phpbb\passwords\driver\salted_md5 */ 24 protected $salted_md5; 25 26 /** @var \phpbb\passwords\driver\helper */ 27 protected $helper; 28 29 /** @var string phpBB root path */ 30 protected $phpbb_root_path; 31 32 /** @var string php file extension */ 33 protected $php_ext; 34 35 /** 36 * Constructor of passwords driver object 37 * 38 * @param \phpbb\request\request $request phpBB request object 39 * @param \phpbb\passwords\driver\salted_md5 $salted_md5 Salted md5 driver 40 * @param \phpbb\passwords\driver\helper $helper Driver helper 41 * @param string $phpbb_root_path phpBB root path 42 * @param string $php_ext PHP file extension 43 */ 44 public function __construct($request, salted_md5 $salted_md5, helper $helper, $phpbb_root_path, $php_ext) 45 { 46 $this->request = $request; 47 $this->salted_md5 = $salted_md5; 48 $this->helper = $helper; 49 $this->phpbb_root_path = $phpbb_root_path; 50 $this->php_ext = $php_ext; 51 } 52 53 /** 54 * {@inheritdoc} 55 */ 56 public function get_prefix() 57 { 58 return self::PREFIX; 59 } 60 61 /** 62 * {@inheritdoc} 63 */ 64 public function is_legacy() 65 { 66 return true; 67 } 68 69 /** 70 * {@inheritdoc} 71 */ 72 public function hash($password, $user_row = '') 73 { 74 // Do not support hashing 75 return false; 76 } 77 78 /** 79 * {@inheritdoc} 80 */ 81 public function check($password, $hash, $user_row = array()) 82 { 83 if (strlen($hash) != 32 && strlen($hash) != 34) 84 { 85 return false; 86 } 87 88 // enable super globals to get literal value 89 // this is needed to prevent unicode normalization 90 $super_globals_disabled = $this->request->super_globals_disabled(); 91 if ($super_globals_disabled) 92 { 93 $this->request->enable_super_globals(); 94 } 95 96 // in phpBB2 passwords were used exactly as they were sent, with addslashes applied 97 $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; 98 $password_old_format = addslashes($password_old_format); 99 $password_new_format = $this->request->variable('password', '', true); 100 101 if ($super_globals_disabled) 102 { 103 $this->request->disable_super_globals(); 104 } 105 106 if ($password == $password_new_format) 107 { 108 if (!function_exists('utf8_to_cp1252')) 109 { 110 include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext); 111 } 112 113 if ($this->helper->string_compare(md5($password_old_format), $hash) || $this->helper->string_compare(md5(\utf8_to_cp1252($password_old_format)), $hash) 114 || $this->salted_md5->check(md5($password_old_format), $hash) === true 115 || $this->salted_md5->check(md5(\utf8_to_cp1252($password_old_format)), $hash) === true) 116 { 117 return true; 118 } 119 } 120 121 return false; 122 } 123 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Nov 11 20:33:01 2020 | Cross-referenced by PHPXref 0.7.1 |