Beispiel #1
0
 /**
  * See http://open.silverstripe.org/ticket/3004
  * 
  * Handy command for reproducing via CLI on different architectures:
  * 	php -r "echo(base_convert(sha1('mypassword'), 16, 36));"
  */
 function testEncrytorLegacyPHPHashCompare()
 {
     PasswordEncryptor::register('test_sha1legacy', 'PasswordEncryptor_LegacyPHPHash("sha1")');
     $e = PasswordEncryptor::create_for_algorithm('test_sha1legacy');
     // precomputed hashes for 'mypassword' from different architectures
     $amdHash = 'h1fj0a6m4o6k0sosks88oo08ko4gc4s';
     $intelHash = 'h1fj0a6m4o0g04ocg00o4kwoc4wowws';
     $wrongHash = 'h1fjxxxxxxxxxxxxxxxxxxxxxxxxxxx';
     $this->assertTrue($e->compare($amdHash, $intelHash));
     $this->assertFalse($e->compare($amdHash, $wrongHash));
 }
Beispiel #2
0
 function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm()
 {
     PasswordEncryptor::register('crc32', 'PasswordEncryptor_PHPHash("crc32")');
     $field = Member::get_unique_identifier_field();
     $member = new Member();
     $member->{$field} = '*****@*****.**';
     $member->PasswordEncryption = "crc32";
     $member->Password = "******";
     $member->write();
     $data = array('Email' => $member->{$field}, 'Password' => 'mypassword');
     MemberAuthenticator::authenticate($data);
     $member = DataObject::get_by_id('Member', $member->ID);
     $this->assertEquals($member->PasswordEncryption, "crc32");
     $result = $member->checkPassword('mypassword');
     $this->assertTrue($result->valid());
 }
Beispiel #3
0
 */
define('MCE_ROOT', 'sapphire/thirdparty/tinymce/');
/**
 * The secret key that needs to be sent along with pings to /Email_BounceHandler
 *
 * Change this to something different for increase security (you can
 * override it in mysite/_config.php to ease upgrades).
 * For more information see:
 * {@link http://doc.silverstripe.org/doku.php?id=email_bouncehandler}
 */
if (!defined('EMAIL_BOUNCEHANDLER_KEY')) {
    define('EMAIL_BOUNCEHANDLER_KEY', '1aaaf8fb60ea253dbf6efa71baaacbb3');
}
PasswordEncryptor::register('none', 'PasswordEncryptor_None');
PasswordEncryptor::register('md5', 'PasswordEncryptor_LegacyPHPHash("md5")');
PasswordEncryptor::register('sha1', 'PasswordEncryptor_LegacyPHPHash("sha1")');
PasswordEncryptor::register('md5_v2.4', 'PasswordEncryptor_PHPHash("md5")');
PasswordEncryptor::register('sha1_v2.4', 'PasswordEncryptor_PHPHash("sha1")');
// Zend_Cache temp directory setting
$_ENV['TMPDIR'] = TEMP_FOLDER;
// for *nix
$_ENV['TMP'] = TEMP_FOLDER;
// for Windows
$aggregatecachedir = TEMP_FOLDER . DIRECTORY_SEPARATOR . 'aggregate_cache';
if (!is_dir($aggregatecachedir)) {
    mkdir($aggregatecachedir);
}
SS_Cache::add_backend('aggregatestore', 'File', array('cache_dir' => $aggregatecachedir));
SS_Cache::pick_backend('aggregatestore', 'aggregate', 1000);
// TODO Remove once new ManifestBuilder with submodule support is in place
require_once 'admin/_config.php';