/**
* Checks whether a an BE user account named admin with default password exists.
*
* @return \TYPO3\CMS\Reports\Status An tx_reports_reports_status_Status object representing whether a default admin account exists
*/
protected function getAdminAccountStatus()
{
$value = $GLOBALS['LANG']->getLL('status_ok');
$message = '';
$severity = \TYPO3\CMS\Reports\Status::OK;
$whereClause = 'username = '******'TYPO3_DB']->fullQuoteStr('admin', 'be_users') . \TYPO3\CMS\Backend\Utility\BackendUtility::deleteClause('be_users');
$res = $GLOBALS['TYPO3_DB']->exec_SELECTquery('uid, username, password', 'be_users', $whereClause);
if ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$secure = TRUE;
// Check against salted password
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('BE')) {
/** @var $saltingObject \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface */
$saltingObject = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($row['password']);
if (is_object($saltingObject)) {
if ($saltingObject->checkPassword('password', $row['password'])) {
$secure = FALSE;
}
}
}
}
// Check against plain MD5
if ($row['password'] === '5f4dcc3b5aa765d61d8327deb882cf99') {
$secure = FALSE;
}
if (!$secure) {
$value = $GLOBALS['LANG']->getLL('status_insecure');
$severity = \TYPO3\CMS\Reports\Status::ERROR;
$editUserAccountUrl = 'alt_doc.php?returnUrl=mod.php?M=tools_txreportsM1&edit[be_users][' . $row['uid'] . ']=edit';
$message = sprintf($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.xml:warning.backend_admin'), '<a href="' . $editUserAccountUrl . '">', '</a>');
}
}
$GLOBALS['TYPO3_DB']->sql_free_result($res);
return \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Reports\\Status', $GLOBALS['LANG']->getLL('status_adminUserAccount'), $value, $message, $severity);
}
/**
* Execute task
*
* @return bool
*/
public function execute()
{
$processedAllRecords = TRUE;
// For frontend and backend
foreach ($this->userRecordPointer as $mode => $pointer) {
// If saltedpasswords is active for frontend / backend
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($mode)) {
$usersToUpdate = $this->findUsersToUpdate($mode);
$numberOfRows = count($usersToUpdate);
if ($numberOfRows > 0) {
$processedAllRecords = FALSE;
$this->activateSelf();
$this->incrementUserRecordPointer($mode, $numberOfRows);
$this->convertPasswords($mode, $usersToUpdate);
}
}
}
if ($processedAllRecords) {
// Reset the user record pointer
$this->userRecordPointer = array('FE' => 0, 'BE' => 0);
// Determine if task should disable itself
if ($this->canDeactivateSelf) {
$this->deactivateSelf();
}
}
// Use save() of parent class \TYPO3\CMS\Scheduler\Task\AbstractTask to persist changed task variables
$this->save();
return TRUE;
}
protected function createCliBeUser()
{
$db = $this->getDatabaseConnection();
$where = 'username = '******'_cli_lowlevel', 'be_users') . ' AND admin = 0';
$user = $db->exec_SELECTgetSingleRow('*', 'be_users', $where);
if ($user) {
if ($user['deleted'] || $user['disable']) {
$data = array('be_users' => array($user['uid'] => array('deleted' => 0, 'disable' => 0)));
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $dataHandler */
$dataHandler = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\DataHandling\\DataHandler');
$dataHandler->stripslashes_values = FALSE;
$dataHandler->start($data, array());
$dataHandler->process_datamap();
}
} else {
// Prepare necessary data for _cli_lowlevel user creation
$password = uniqid('scheduler', TRUE);
if (SaltedPasswordsUtility::isUsageEnabled()) {
$objInstanceSaltedPW = SaltFactory::getSaltingInstance();
$password = $objInstanceSaltedPW->getHashedPassword($password);
}
$data = array('be_users' => array('NEW' => array('username' => '_cli_lowlevel', 'password' => $password, 'pid' => 0)));
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $dataHandler */
$dataHandler = GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\DataHandling\\DataHandler');
$dataHandler->stripslashes_values = FALSE;
$dataHandler->start($data, array());
$dataHandler->process_datamap();
// Check if a new uid was indeed generated (i.e. a new record was created)
// (counting DataHandler errors doesn't work as some failures don't report errors)
$numberOfNewIDs = count($dataHandler->substNEWwithIDs);
if ((int) $numberOfNewIDs !== 1) {
InstallerScripts::addFlashMessage('Failed to create _cli_lowlevel BE user.', 'BE user creation failed', AbstractMessage::WARNING);
}
}
}
/**
* Validation method
*
* @param mixed $password
*
* @return bool
*/
public function isValid($password)
{
$result = true;
if (!\Evoweb\SfRegister\Services\Login::isLoggedIn()) {
$this->addError(\TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate('error_changepassword_notloggedin', 'SfRegister'), 1301599489);
$result = false;
} else {
$user = $this->userRepository->findByUid($GLOBALS['TSFE']->fe_user->user['uid']);
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
/** @var \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface $saltedPassword */
$saltedPassword = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($user->getPassword(), null);
if (!$saltedPassword->checkPassword($password, $user->getPassword())) {
$this->addError(\TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate('error_changepassword_notequal', 'SfRegister'), 1301599507);
$result = false;
}
} elseif ($this->settings['encryptPassword'] === 'md5') {
if (md5($password) !== $user->getPassword()) {
$this->addError(\TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate('error_changepassword_notequal', 'SfRegister'), 1301599507);
$result = false;
}
} elseif ($this->settings['encryptPassword'] === 'sha1') {
if (sha1($password) !== $user->getPassword()) {
$this->addError(\TYPO3\CMS\Extbase\Utility\LocalizationUtility::translate('error_changepassword_notequal', 'SfRegister'), 1301599507);
$result = false;
}
}
}
return $result;
}
public function setPassword($password)
{
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$password = $objSalt->getHashedPassword($password);
}
}
parent::setPassword($password);
}
/**
* Applies transformations to a given plain text password, e.g. hashing
*
* @param string $password
* @return string
*/
public function applyTransformations($password)
{
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$saltingInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$password = $saltingInstance->getHashedPassword($password);
}
}
return $password;
}
/**
* Adds the password hasher object to the context
*
* @param \Aimeos\MShop\Context\Item\Iface $context Context object
* @return \Aimeos\MShop\Context\Item\Iface Modified context object
*/
protected static function addHasher(\Aimeos\MShop\Context\Item\Iface $context)
{
if (isset($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['aimeos']['aimeos_context_hasher']) && is_callable($fcn = $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['aimeos']['aimeos_context_hasher'])) {
return $fcn($context);
}
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$object = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$context->setHasherTypo3($object);
}
return $context;
}
/**
* @return string
*/
protected function getSaltedPassword($password)
{
$saltedPassword = $password;
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$saltedPassword = $objSalt->getHashedPassword($password);
}
}
}
return $saltedPassword;
}
/**
* Checks if service is available. In case of this service we check that
* following prerequesties are fulfilled:
* - loginSecurityLevel of according TYPO3_MODE is set to normal
*
* @return bool TRUE if service is available
*/
public function init()
{
$available = FALSE;
$mode = TYPO3_MODE;
if ($this->info['requestedServiceSubType'] === 'authUserBE') {
$mode = 'BE';
} elseif ($this->info['requestedServiceSubType'] === 'authUserFE') {
$mode = 'FE';
}
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($mode)) {
$available = TRUE;
$this->extConf = \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::returnExtConf();
}
return $available ? parent::init() : FALSE;
}
/**
* Function uses Portable PHP Hashing Framework to create a proper password string if needed
*
* @param mixed $value The value that has to be checked.
* @param string $is_in Is-In String
* @param integer $set Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!)
* @return The new value of the field
* @todo Define visibility
*/
public function evaluateFieldValue($value, $is_in, &$set)
{
$isEnabled = $this->mode ? \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($this->mode) : \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled();
if ($isEnabled) {
$set = FALSE;
$isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value);
$isSaltedHash = \TYPO3\CMS\Core\Utility\GeneralUtility::inList('$1$,$2$,$2a,$P$', substr($value, 0, 3));
$this->objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, $this->mode);
if ($isMD5) {
$set = TRUE;
$value = 'M' . $this->objInstanceSaltedPW->getHashedPassword($value);
} elseif (!$isSaltedHash) {
$set = TRUE;
$value = $this->objInstanceSaltedPW->getHashedPassword($value);
}
}
return $value;
}
/**
* Function uses Portable PHP Hashing Framework to create a proper password string if needed
*
* @param mixed $value The value that has to be checked.
* @param string $is_in Is-In String
* @param bool $set Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!)
* @return string The new value of the field
*/
public function evaluateFieldValue($value, $is_in, &$set)
{
$isEnabled = $this->mode ? \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($this->mode) : \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled();
if ($isEnabled) {
$isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value);
$isDeprecatedSaltedHash = \TYPO3\CMS\Core\Utility\GeneralUtility::inList('C$,M$', substr($value, 0, 2));
/** @var $objInstanceSaltedPW \TYPO3\CMS\Saltedpasswords\Salt\SaltInterface */
$objInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL, $this->mode);
if ($isMD5) {
$set = TRUE;
$value = 'M' . $objInstanceSaltedPW->getHashedPassword($value);
} else {
// Determine method used for the (possibly) salted hashed password
$tempValue = $isDeprecatedSaltedHash ? substr($value, 1) : $value;
$tempObjInstanceSaltedPW = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance($tempValue);
if (!is_object($tempObjInstanceSaltedPW)) {
$set = TRUE;
$value = $objInstanceSaltedPW->getHashedPassword($value);
}
}
}
return $value;
}
/**
* Returns the current context.
*
* @param \MW_Config_Interface Configuration object
* @return MShop_Context_Item_Interface Context object
*/
public static function getContext(\MW_Config_Interface $config)
{
if (self::$context === null) {
$context = new \MShop_Context_Item_Typo3();
$context->setConfig($config);
$dbm = new \MW_DB_Manager_PDO($config);
$context->setDatabaseManager($dbm);
$logger = \MAdmin_Log_Manager_Factory::createManager($context);
$context->setLogger($logger);
$cache = self::getCache($context);
$context->setCache($cache);
$mailer = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Mail\\MailMessage');
$context->setMail(new \MW_Mail_Typo3($mailer));
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$object = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$context->setHasherTypo3($object);
}
if (isset($GLOBALS['TSFE']->fe_user)) {
$session = new \MW_Session_Typo3($GLOBALS['TSFE']->fe_user);
} else {
$session = new \MW_Session_None();
}
$context->setSession($session);
self::$context = $context;
}
self::$context->setConfig($config);
return self::$context;
}
/**
* Function uses Portable PHP Hashing Framework to create a proper password string if needed
*
* @param mixed $value The value that has to be checked.
* @param string $is_in Is-In String
* @param integer $set Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!)
* @return string The new value of the field
*/
public function evaluateFieldValue($value, $is_in, &$set)
{
$confArr = unserialize($GLOBALS['TYPO3_CONF_VARS']['EXT']['extConf']['be_secure_pw']);
// create tce object for logging
/** @var \TYPO3\CMS\Core\DataHandling\DataHandler $tce */
$tce = Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\DataHandling\\DataHandler');
$tce->BE_USER = $GLOBALS['BE_USER'];
// get the languages from ext
/** @var \TYPO3\CMS\Lang\LanguageService $languageService */
$languageService = Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Lang\\LanguageService');
$languageService->init($tce->BE_USER->uc['lang']);
$languageService->includeLLFile('EXT:be_secure_pw/Resources/Private/Language/locallang.xml');
/** @var boolean $noMD5 return variable as md5 hash if saltedpasswords isn't enabled */
$noMD5 = FALSE;
$set = TRUE;
if (Utility\ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (SaltedPasswordsUtility::isUsageEnabled('BE')) {
$noMD5 = TRUE;
}
}
$isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value);
// if $value is a md5 hash, return the value directly
if ($isMD5 && $noMD5) {
return $value;
}
// check for password length
$passwordLength = (int) $confArr['passwordLength'];
if ($confArr['passwordLength'] && $passwordLength) {
if (strlen($value) < $confArr['passwordLength']) {
$set = FALSE;
/* password too short */
$tce->log('be_users', 0, 5, 0, 1, $languageService->getLL('shortPassword'), FALSE, array($passwordLength));
}
}
$counter = 0;
$notUsed = array();
// check for lowercase characters
if ($confArr['lowercaseChar']) {
if (preg_match("/[a-z]/", $value) > 0) {
$counter++;
} else {
$notUsed[] = $languageService->getLL('lowercaseChar');
}
}
// check for capital characters
if ($confArr['capitalChar']) {
if (preg_match("/[A-Z]/", $value) > 0) {
$counter++;
} else {
$notUsed[] = $languageService->getLL('capitalChar');
}
}
// check for digits
if ($confArr['digit']) {
if (preg_match("/[0-9]/", $value) > 0) {
$counter++;
} else {
$notUsed[] = $languageService->getLL('digit');
}
}
// check for special characters
if ($confArr['specialChar']) {
if (preg_match("/[^0-9a-z]/i", $value) > 0) {
$counter++;
} else {
$notUsed[] = $languageService->getLL('specialChar');
}
}
if ($counter < $confArr['patterns']) {
/* password does not fit all conventions */
$ignoredPatterns = $confArr['patterns'] - $counter;
$additional = '';
$set = FALSE;
if (is_array($notUsed) && sizeof($notUsed) > 0) {
if (sizeof($notUsed) > 1) {
$additional = sprintf($languageService->getLL('notUsedConventions'), implode(', ', $notUsed));
} else {
$additional = sprintf($languageService->getLL('notUsedConvention'), $notUsed[0]);
}
}
if ($ignoredPatterns >= 1) {
$tce->log('be_users', 0, 5, 0, 1, $languageService->getLL('passwordConvention') . $additional, FALSE, array($ignoredPatterns));
}
}
/* no problems */
if ($set) {
if ($noMD5) {
return $value;
}
return md5($value);
}
// if password not valid return empty password
return '';
}
/**
* Returns the current context.
*
* @param \Aimeos\MW\Config\Iface Configuration object
* @return MShop_Context_Item_Interface Context object
*/
public static function getContext(\Aimeos\MW\Config\Iface $config)
{
if (self::$context === null) {
$context = new \Aimeos\MShop\Context\Item\Typo3();
$context->setConfig($config);
$dbm = new \Aimeos\MW\DB\Manager\PDO($config);
$context->setDatabaseManager($dbm);
$fsm = new \Aimeos\MW\Filesystem\Manager\Standard($config);
$context->setFilesystemManager($fsm);
$logger = \Aimeos\MAdmin\Log\Manager\Factory::createManager($context);
$context->setLogger($logger);
$cache = self::getCache($context);
$context->setCache($cache);
$mailer = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Mail\\MailMessage');
$context->setMail(new \Aimeos\MW\Mail\Typo3($mailer));
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$object = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance();
$context->setHasherTypo3($object);
}
if (isset($GLOBALS['TSFE']->fe_user)) {
$session = new \Aimeos\MW\Session\Typo3($GLOBALS['TSFE']->fe_user);
} else {
$session = new \Aimeos\MW\Session\None();
}
$context->setSession($session);
self::$context = $context;
}
self::$context->setConfig($config);
return self::$context;
}
/**
* Hash a password from $user->getPassword()
*
* @param FrontendUser $user
* @param string $method "md5" or "sha1"
* @return void
*/
public static function hashPassword(&$user, $method)
{
switch ($method) {
case 'md5':
$user->setPassword(md5($user->getPassword()));
break;
case 'sha1':
$user->setPassword(sha1($user->getPassword()));
break;
default:
if (ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objInstanceSaltedPw = SaltFactory::getSaltingInstance();
$user->setPassword($objInstanceSaltedPw->getHashedPassword($user->getPassword()));
}
}
}
}
/**
* This method creates the "cli_scheduler" BE user if it doesn't exist
*
* @return void
*/
protected function createSchedulerUser()
{
// Check _cli_scheduler user status
$checkUser = $this->checkSchedulerUser();
// Prepare default message
$message = $this->getLanguageService()->getLL('msg.userExists');
$severity = FlashMessage::WARNING;
// If the user does not exist, try creating it
if ($checkUser == -1) {
// Prepare necessary data for _cli_scheduler user creation
$password = StringUtility::getUniqueId('scheduler');
if (SaltedPasswordsUtility::isUsageEnabled()) {
$objInstanceSaltedPW = SaltFactory::getSaltingInstance();
$password = $objInstanceSaltedPW->getHashedPassword($password);
}
$data = array('be_users' => array('NEW' => array('username' => '_cli_scheduler', 'password' => $password, 'pid' => 0)));
/** @var $tcemain \TYPO3\CMS\Core\DataHandling\DataHandler */
$tcemain = GeneralUtility::makeInstance(\TYPO3\CMS\Core\DataHandling\DataHandler::class);
$tcemain->start($data, array());
$tcemain->process_datamap();
// Check if a new uid was indeed generated (i.e. a new record was created)
// (counting TCEmain errors doesn't work as some failures don't report errors)
$numberOfNewIDs = count($tcemain->substNEWwithIDs);
if ($numberOfNewIDs === 1) {
$message = $this->getLanguageService()->getLL('msg.userCreated');
$severity = FlashMessage::OK;
} else {
$message = $this->getLanguageService()->getLL('msg.userNotCreated');
$severity = FlashMessage::ERROR;
}
}
$this->addMessage($message, $severity);
}
private function isOldPasswordCorrect()
{
// Check old password
$password = $GLOBALS['TYPO3_DB']->exec_SELECTgetSingleRow('password', 'fe_users', 'uid = ' . $this->config['userid'] . ' AND pid IN (' . $this->conf['pidList'] . ')');
$password = current($password);
if (ExtensionManagementUtility::isLoaded('saltedpasswords') && SaltedPasswordsUtility::isUsageEnabled('FE')) {
$instanceSalted = SaltFactory::getSaltingInstance();
}
if ($instanceSalted && $instanceSalted->isValidSaltedPW($password)) {
if (!$instanceSalted->checkPassword($this->piVars['oldpassword'], $password)) {
return false;
}
} else {
if (ExtensionManagementUtility::isLoaded('kb_md5fepw')) {
if (strcmp(md5($this->piVars['oldpassword']), $password) != 0) {
return false;
}
} else {
if (strcmp($this->piVars['oldpassword'], $password) != 0) {
return false;
}
}
}
return true;
}
<?php
defined('TYPO3_MODE') or die();
$GLOBALS['TCA']['fe_users']['columns']['password']['config']['max'] = 100;
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
// Get eval field operations methods as array keys
$operations = array_flip(\TYPO3\CMS\Core\Utility\GeneralUtility::trimExplode(',', $GLOBALS['TCA']['fe_users']['columns']['password']['config']['eval'], TRUE));
// Remove md5 and temporary password from the list of evaluated methods
unset($operations['md5'], $operations['password']);
// Append new methods to have "password" as last operation.
$operations['TYPO3\\CMS\\Saltedpasswords\\Evaluation\\FrontendEvaluator'] = 1;
$operations['password'] = 1;
$GLOBALS['TCA']['fe_users']['columns']['password']['config']['eval'] = implode(',', array_keys($operations));
unset($operations);
}
/**
* encrypt password
* @param string $password password
*/
public function encryptPassword($password)
{
if (SaltedPasswordsUtility::isUsageEnabled() && $password != '') {
$password = SaltFactory::getSaltingInstance(null)->getHashedPassword($password);
$this->setValue($password);
}
}
/**
* Hash password with saltedpassword extension
*
* @param string $password Password
*
* @return string
*/
protected function getHashedSaltedPassword($password)
{
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$password = $objSalt->getHashedPassword($password);
}
}
return $password;
}
/**
* Encrypt the password
*
* @param string $password
* @param array $settings
* @return string
*/
public static function encryptPassword($password, $settings)
{
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$saltObject = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null);
if (is_object($saltObject)) {
$password = $saltObject->getHashedPassword($password);
}
} elseif ($settings['encryptPassword'] === 'md5') {
$password = md5($password);
} elseif ($settings['encryptPassword'] === 'sha1') {
$password = sha1($password);
}
return $password;
}
function setPassword($password)
{
$this->data['password'] = $password;
$this->data['tx_mmforum_md5'] = md5($password);
$objPHPass = null;
if (ExtensionManagementUtility::isLoaded('t3sec_saltedpw')) {
require_once ExtensionManagementUtility::extPath('t3sec_saltedpw') . 'res/staticlib/class.tx_t3secsaltedpw_div.php';
if (tx_t3secsaltedpw_div::isUsageEnabled()) {
require_once ExtensionManagementUtility::extPath('t3sec_saltedpw') . 'res/lib/class.tx_t3secsaltedpw_phpass.php';
$objPHPass = GeneralUtility::makeInstance('tx_t3secsaltedpw_phpass');
}
}
if (!$objPHPass && ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (SaltedPasswordsUtility::isUsageEnabled()) {
$objPHPass = GeneralUtility::makeInstance(SaltedPasswordsUtility::getDefaultSaltingHashingMethod());
}
}
if ($objPHPass) {
$this->data['password'] = $objPHPass->getHashedPassword($password);
} else {
if (ExtensionManagementUtility::isLoaded('kb_md5fepw')) {
//if kb_md5fepw is installed, crypt password
$this->data['password'] = md5($password);
}
}
}
/**
* Get hashed password
*
* @param string $password
* @return string
*/
private function getHashedPassword($password)
{
$saltedPassword = '';
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$objSalt = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
if (is_object($objSalt)) {
$saltedPassword = $objSalt->getHashedPassword($password);
}
}
return $saltedPassword;
}
public function getHashedPassword($password)
{
$objPHPass = null;
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('t3sec_saltedpw')) {
require_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('t3sec_saltedpw') . 'res/staticlib/class.tx_t3secsaltedpw_div.php';
if (tx_t3secsaltedpw_div::isUsageEnabled()) {
require_once \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::extPath('t3sec_saltedpw') . 'res/lib/class.tx_t3secsaltedpw_phpass.php';
$objPHPass = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('tx_t3secsaltedpw_phpass');
}
}
if (!$objPHPass && \TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords')) {
if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled()) {
$objPHPass = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::getDefaultSaltingHashingMethod());
}
}
if ($objPHPass) {
$password = $objPHPass->getHashedPassword($password);
} else {
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('kb_md5fepw')) {
//if kb_md5fepw is installed, crypt password
$password = md5($password);
}
}
return $password;
}
