1
0
mirror of https://github.com/e107inc/e107.git synced 2025-08-01 20:30:39 +02:00

magento password handler - support non-salted passwords as well

This commit is contained in:
secretr
2011-09-15 12:59:26 +00:00
parent 88651c747b
commit d5dda7fd50

View File

@@ -251,18 +251,22 @@ class ExtendedPasswordHandler extends UserHandler
case PASSWORD_MAGENTO_SALT : case PASSWORD_MAGENTO_SALT :
if ((strpos($stored_hash, ':') === false)) $hash = $salt = '';
if ((strpos($stored_hash, ':') !== false))
{ {
return PASSWORD_INVALID; list($hash, $salt) = explode(':', $stored_hash);
} }
// Magento salted hash - should be 32-character md5 hash, ':', 2-character salt // Magento salted hash - should be 32-character md5 hash, ':', 2-character salt, but could be also only md5 hash
list($hash, $salt) = explode(':', $stored_hash); else
{
$hash = $stored_hash;
}
if(strlen($hash) !== 32) if(strlen($hash) !== 32)
{ {
return PASSWORD_INVALID; //return PASSWORD_INVALID;
} }
$pwHash = md5($salt.$pword); $pwHash = $salt ? md5($salt.$pword) : md5($pword);
$stored_hash = $hash; $stored_hash = $hash;
break; break;