mirror/php-cimage
1
0
Fork 0
mirror of https://github.com/mosbth/cimage.git synced 2025-08-29 18:39:53 +02:00
Code Issues Releases Wiki Activity

* Support for password hashes using text, md5 and hash, fix #77.

Browse Source
This commit is contained in:
Mikael Roos
2015-07-25 22:58:04 +02:00
parent aaf34fd0b5
commit 555c3f0185
6 changed files with 75 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
webroot/imgd.php
View File

@@ -3322,20 +3322,27 @@ if ($defaultTimezone) {
*/
$pwdConfig = getConfig('password', false);
$pwdAlways = getConfig('password_always', false);
$pwdType = getConfig('password_type', 'text');
$pwd = get(array('password', 'pwd'), null);
// Check if passwords match, if configured to use passwords
$passwordMatch = null;
if ($pwdAlways) {
$passwordMatch = ($pwdConfig === $pwd);
if (!$passwordMatch) {
errorPage("Password required and does not match or exists.");
$passwordMatch = false;
if ($pwd) {
switch($pwdType) {
case 'md5':
$passwordMatch = ($pwdConfig === md5($pwd));
break;
case 'hash':
$passwordMatch = password_verify($pwd, $pwdConfig);
break;
case 'text':
$passwordMatch = ($pwdConfig === $pwd);
break;
}
}
} elseif ($pwdConfig && $pwd) {
$passwordMatch = ($pwdConfig === $pwd);
if ($pwdAlways && $passwordMatch !== true) {
errorPage("Password required and does not match or exists.");
}
verbose("password match = $passwordMatch");