mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-19 12:51:52 +02:00
Code Issues Releases Wiki Activity

Fix for password upgrading. Password-encoding warning added to admin area dashboard.

Browse Source
This commit is contained in:
Cameron
2016-06-16 12:23:20 -07:00
parent df4bf924f7
commit 6fa46b3f32
3 changed files with 54 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
e107_admin/admin.php
View File

@@ -97,6 +97,7 @@ class admin_start
$this->checkFileTypes();
$this->checkSuspiciousFiles();
$this->checkDeprecated();
$this->checkPasswordEncryption();
if($this->refresh == true)
{
@@ -205,7 +206,20 @@ class admin_start
}
function checkPasswordEncryption()
{
$us = e107::getUserSession();
$mes = e107::getMessage();
if($us->passwordAPIExists() === true && $us->getDefaultHashType() !== PASSWORD_E107_PHP && e107::pref('core','password_CHAP')==0)
{
$message = "It is HIGHLY recommended that you [change your password encoding] to the PHP Default. (Password hashes will be automatically upgraded during user login.)";
$srch = array('[',']');
$repl = array("<a class='alert-link' href='".e_ADMIN."prefs.php#nav-core-prefs-security'>","</a>");
$mes->addWarning(str_replace($srch,$repl,$message));
}
}

6
e107_admin/prefs.php
View File

@@ -1381,7 +1381,7 @@ $text .= "
<tr>
<td><label for='passwordencoding'>".PRFLAN_188.":</label></td>
<td>
";
$pwdEncodeOpts = array();
@@ -1389,17 +1389,19 @@ $text .= "
if(function_exists('password_verify')) // ie. php 5.5 or higher
{
$pwdEncodeOpts[3] = "PHP Default (Preferred)";
}
$pwdEncodeOpts[1] = PRFLAN_190;
$pwdEncodeOpts[0] = PRFLAN_189;
$text .= (isset($pwdEncodeOpts[3]) && $pref['passwordEncoding']!=3) ? "<td class='has-warning'>" : "<td>";
$text .= $frm->select('passwordEncoding', $pwdEncodeOpts, varset($pref['passwordEncoding'], 0));
// $text .= $frm->radio_switch('passwordEncoding', varset($pref['passwordEncoding'], 0), PRFLAN_190, PRFLAN_189);
$text .= "
<div class='smalltext field-help'>".PRFLAN_191."</div>
<div class='smalltext field-help'></div>
</td>
</tr>
<tr>";