/** * @see wcf\form\IForm::validate() */ public function validate() { parent::validate(); if (empty($this->masterPassword)) { throw new UserInputException('masterPassword'); } // check password if (StringUtil::getSaltedHash($this->masterPassword, MASTER_PASSWORD_SALT) != MASTER_PASSWORD) { throw new UserInputException('masterPassword', 'invalid'); } }
/** * @see wcf\system\user\authentication\IUserAuthentication::storeAccessData() */ public function storeAccessData(User $user, $username, $password) { HeaderUtil::setCookie('userID', $user->userID, TIME_NOW + 365 * 24 * 3600); HeaderUtil::setCookie('password', StringUtil::getSaltedHash($password, $user->salt), TIME_NOW + 365 * 24 * 3600); }
/** * @see wcf\form\IForm::save() */ public function save() { // generate salt $salt = StringUtil::getRandomID(); // write master password file $file = new File(WCF_DIR . 'acp/masterPassword.inc.php'); $file->write("<?php\n/** MASTER PASSWORD STORAGE\nDO NOT EDIT THIS FILE */\ndefine('MASTER_PASSWORD', '" . StringUtil::getSaltedHash($this->masterPassword, $salt) . "');\ndefine('MASTER_PASSWORD_SALT', '" . $salt . "');\n?>"); $file->close(); @chmod(WCF_DIR . 'acp/masterPassword.inc.php', 0777); parent::save(); }