Bug #61506: Salted passwords are not imported from t3d using import/export module - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #61506

closed

Salted passwords are not imported from t3d using import/export module

Added by Nils Heuermann over 9 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Should have

Assignee:

Category:

Authentication

Target version:

next-patchlevel

Start date:

2014-09-10

Due date:

% Done:

100%

Estimated time:

TYPO3 Version:

6.2

PHP Version:

5.5

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

When importing a t3d file using the import/export module of Typo3 and the saltedpasswords extension is enabled user passwords will not be imported if they are already salted.

The method evaluateFieldValue in TYPO3\CMS\Saltedpasswords\Evaluation\Evaluator sets the "set" flag to false when saltedpasswords are enabled. After that there are some checks for the password hash method that might have processed the password value.

The problem is that IF the password is already a salted password, the "set" flag remains false - and therefore the imported password hash is not saved to the database.

To reproduce this:
- Export a page tree (t3d) with be_users or fe_users (which have a salted password stored in the database)
- Import t3d file
- Passwords of imported users are empty

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Watchers (1)

Bug #61506

Salted passwords are not imported from t3d using import/export module

Updated by Vlatko Šurlan over 9 years ago

Updated by Gerrit Code Review over 9 years ago

Updated by Markus Klein over 9 years ago

Updated by Gerrit Code Review over 9 years ago

Updated by Gerrit Code Review over 9 years ago

Updated by Gerrit Code Review over 9 years ago

Updated by Markus Klein over 9 years ago

Updated by Gerrit Code Review over 9 years ago

Updated by Markus Klein over 9 years ago

Updated by Benni Mack over 5 years ago