mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-06-05 10:25:17 +02:00
Code Issues Releases Wiki Activity

magento password handler - support non-salted passwords as well

Browse Source
This commit is contained in:
secretr 2011-09-15 12:59:26 +00:00
parent 88651c747b
commit d5dda7fd50
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
e107_plugins/alt_auth/extended_password_handler.php
View File

@ -251,18 +251,22 @@ class ExtendedPasswordHandler extends UserHandler
case PASSWORD_MAGENTO_SALT :
if ((strpos($stored_hash, ':') === false))
$hash = $salt = '';
if ((strpos($stored_hash, ':') !== false))
{
return PASSWORD_INVALID;
list($hash, $salt) = explode(':', $stored_hash);
}
// Magento salted hash - should be 32-character md5 hash, ':', 2-character salt
list($hash, $salt) = explode(':', $stored_hash);
// Magento salted hash - should be 32-character md5 hash, ':', 2-character salt, but could be also only md5 hash
else
{
$hash = $stored_hash;
}
if(strlen($hash) !== 32)
{
return PASSWORD_INVALID;
//return PASSWORD_INVALID;
}
$pwHash = md5($salt.$pword);
$pwHash = $salt ? md5($salt.$pword) : md5($pword);
$stored_hash = $hash;
break;