Bug #39356 ยป saltedpassword-checkdblength.patch
typo3_src-4.5.29/typo3/sysext/saltedpasswords/classes/tasks/class.tx_saltedpasswords_tasks_bulkupdate.php | ||
---|---|---|
return(TRUE);
|
||
}
|
||
/**
|
||
* Determine if the database password field length can contain Blowfish with MD5 prefix
|
||
*
|
||
* @param mixed $tableName Description.
|
||
* @access protected
|
||
* @return boolean true if long enough, false if not.
|
||
*/
|
||
protected function checkPasswordColumnLength($tableName) {
|
||
$fields = $GLOBALS['TYPO3_DB']->admin_get_fields($tableName);
|
||
if( is_array($fields['password']) &&
|
||
!empty($fields['password']['Type']))
|
||
{
|
||
//should be varchar(##). If not, cast to 0
|
||
$fieldLength = (int) substr($fields['password']['Type'], 8, -1);
|
||
return ($fieldLength <= 60) ? false : true;
|
||
}
|
||
}
|
||
/**
|
||
* Find next set of frontend or backend users to update.
|
||
*
|
||
... | ... | |
* @return array Rows with uid and password
|
||
*/
|
||
protected function findUsersToUpdate($mode) {
|
||
if(!$this->checkPasswordColumnLength(strtolower($mode) . '_users')){
|
||
throw new Exception(sprintf("The password field length in table %s needs to be at least 61 characters.", strtolower($mode) . '_users'));
|
||
}
|
||
$usersToUpdate = $GLOBALS['TYPO3_DB']->exec_SELECTgetRows(
|
||
'uid, password',
|
||
strtolower($mode) . '_users',
|
typo3_src-4.5.29/typo3/sysext/saltedpasswords/locallang.xml | ||
---|---|---|
<label index="ext.saltedpasswords.title.tx_saltedpasswords_salts_phpass">Portable PHP password hashing (phpass)</label>
|
||
<label index="ext.saltedpasswords.title.tx_saltedpasswords_salts_md5">MD5 salted hashing (secure)</label>
|
||
<label index="ext.saltedpasswords.title.tx_saltedpasswords_salts_blowfish">Blowfish salted hashing (advanced)</label>
|
||
<label index="ext.saltedpasswords.tasks.bulkupdate.name">Convert user passwords to salted hashes</label>
|
||
<label index="ext.saltedpasswords.tasks.bulkupdate.name">Convert user passwords to salted hashes. This task will not work until the password field length is at least 61 characters.</label>
|
||
<label index="ext.saltedpasswords.tasks.bulkupdate.description">Update all frontend and backend user passwords to salted hashes. This task deactivates itself when completed.</label>
|
||
</languageKey>
|
||
</data>
|