Bug #39356 ยป saltedpassword-checkdblength.patch
| typo3_src-4.5.29/typo3/sysext/saltedpasswords/classes/tasks/class.tx_saltedpasswords_tasks_bulkupdate.php | ||
|---|---|---|
|
return(TRUE);
|
||
|
}
|
||
|
/**
|
||
|
* Determine if the database password field length can contain Blowfish with MD5 prefix
|
||
|
*
|
||
|
* @param mixed $tableName Description.
|
||
|
* @access protected
|
||
|
* @return boolean true if long enough, false if not.
|
||
|
*/
|
||
|
protected function checkPasswordColumnLength($tableName) {
|
||
|
$fields = $GLOBALS['TYPO3_DB']->admin_get_fields($tableName);
|
||
|
if( is_array($fields['password']) &&
|
||
|
!empty($fields['password']['Type']))
|
||
|
{
|
||
|
//should be varchar(##). If not, cast to 0
|
||
|
$fieldLength = (int) substr($fields['password']['Type'], 8, -1);
|
||
|
return ($fieldLength <= 60) ? false : true;
|
||
|
}
|
||
|
}
|
||
|
/**
|
||
|
* Find next set of frontend or backend users to update.
|
||
|
*
|
||
| ... | ... | |
|
* @return array Rows with uid and password
|
||
|
*/
|
||
|
protected function findUsersToUpdate($mode) {
|
||
|
if(!$this->checkPasswordColumnLength(strtolower($mode) . '_users')){
|
||
|
throw new Exception(sprintf("The password field length in table %s needs to be at least 61 characters.", strtolower($mode) . '_users'));
|
||
|
}
|
||
|
$usersToUpdate = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
|
||
|
'uid, password',
|
||
|
strtolower($mode) . '_users',
|
||
| typo3_src-4.5.29/typo3/sysext/saltedpasswords/locallang.xml | ||
|---|---|---|
|
<label index="ext.saltedpasswords.title.tx_saltedpasswords_salts_phpass">Portable PHP password hashing (phpass)</label>
|
||
|
<label index="ext.saltedpasswords.title.tx_saltedpasswords_salts_md5">MD5 salted hashing (secure)</label>
|
||
|
<label index="ext.saltedpasswords.title.tx_saltedpasswords_salts_blowfish">Blowfish salted hashing (advanced)</label>
|
||
|
<label index="ext.saltedpasswords.tasks.bulkupdate.name">Convert user passwords to salted hashes</label>
|
||
|
<label index="ext.saltedpasswords.tasks.bulkupdate.name">Convert user passwords to salted hashes. This task will not work until the password field length is at least 61 characters.</label>
|
||
|
<label index="ext.saltedpasswords.tasks.bulkupdate.description">Update all frontend and backend user passwords to salted hashes. This task deactivates itself when completed.</label>
|
||
|
</languageKey>
|
||
|
</data>
|
||