Display Password hash-type in Admin > Users. e_URL_LEGACY constant added when SEF URLs detected.

2025-08-01 12:20:44 +02:00 · 2016-06-10 16:37:36 -07:00
parent 84b3004231
commit c8fbb3957a
4 changed files with 41 additions and 16 deletions
--- a/e107_admin/users.php
+++ b/e107_admin/users.php
@@ -29,7 +29,7 @@ e107::coreLan('date');

 e107::css('inline', "

- .label-status { width:100%; display:block; padding-bottom:5px; padding-top:5px }
+ .label-status, .label-password { width:100%; display:block; padding-bottom:5px; padding-top:5px }
 ");

 class users_admin extends e_admin_dispatcher
@@ -2398,10 +2398,21 @@ class users_admin_form_ui extends e_admin_form_ui
 	{
 		if($mode == 'read')
 		{
-			if(empty($curVal))
+			if(empty($curval))
 			{
 				return "No password!";	
 			}
+
+			// if(getperms('0'))
+			{
+
+				$type = e107::getUserSession()->getHashType($curval, 'array');
+				$num = $type[0];
+
+				$styles= array(0=>'label-danger',1=>'label-warning', 3=>'label-success');
+
+				return "<span class='label label-password ".$styles[$num]."'>".$type[1]."</span>";
+			}
 		}
 		if($mode == 'write')
 		{
--- a/e107_handlers/magpie_rss.php
+++ b/e107_handlers/magpie_rss.php
@@ -92,7 +92,7 @@ class MagpieRSS {
     *                                  source encoding. (caveat emptor)
     *
     */
-    function MagpieRSS ($source, $output_encoding = CHARSET, 
+    function __construct ($source, $output_encoding = CHARSET,
                        $input_encoding=null, $detect_encoding = true) 
    {   
        # if PHP xml isn't compiled in, die
--- a/e107_handlers/user_handler.php
+++ b/e107_handlers/user_handler.php
@@ -224,9 +224,9 @@ class UserHandler

 		switch($type)
 		{
-			case PASSWORD_E107_MD5:
+			case PASSWORD_E107_MD5://  &&
 				if (md5($password) !== $stored_hash) return PASSWORD_INVALID;
-				if ($this->preferred == PASSWORD_E107_MD5) return PASSWORD_VALID;
+				if ($this->preferred == PASSWORD_E107_MD5 && ($this->passwordOpts <= 1)) return PASSWORD_VALID;
 				return $this->HashPassword($password);		// Valid password, but non-preferred encoding; return the new hash
 				break;

@@ -288,35 +288,48 @@ class UserHandler
 	/**
 	 * Detect Password Hash Algorythm type
 	 * @param string $hash - Password hash to analyse
+	 * @param string $mode - (optional) set to 'text' for a plain-text description.
 	 * @return bool|int
 	 */
-	public function getHashType($hash)
+	public function getHashType($hash, $mode='constant')
 	{
 		if(empty($hash))
 		{
 			return false;
 		}

-		if(($this->passwordOpts <= 1) && (strlen($hash) === 32))
-		{
-			return PASSWORD_E107_MD5;
-		}
+		$num = false;
+		$name = '';

-		if ((strlen($hash) === 35) && (substr($hash,0,3) == PASSWORD_E107_ID))
+		if((strlen($hash) === 32))
 		{
-			return PASSWORD_E107_SALT;
+			$num = PASSWORD_E107_MD5;
+			$name = 'md5';
 		}
-
-		if($this->passwordAPI)
+		elseif ((strlen($hash) === 35) && (substr($hash,0,3) == PASSWORD_E107_ID))
+		{
+			$num = PASSWORD_E107_SALT;
+			$name = 'md5-salt';
+		}
+		elseif($this->passwordAPI)
 		{
 			$info = password_get_info($hash);
 			if(!empty($info['algo']))
 			{
-				return PASSWORD_E107_PHP;
+				$num = PASSWORD_E107_PHP;
+				$name = $info['algoName'];
 			}
 		}

-		return false;
+		if($mode == 'array' && !empty($name))
+		{
+			return array($num,$name);
+		}
+
+		return $num;
+
+
+
 	}


--- a/index.php
+++ b/index.php
@@ -141,6 +141,7 @@
 					{
 						define('e_CURRENT_PLUGIN', $plug);
 						define('e_QUERY', $query); // do not add to e107_class.php
+						define('e_URL_LEGACY', $redirect);
 						include_once($file);
 						exit;
 					}