test() public static method

Test whether a password hash has been generated with crypt()
public static test ( string $strHash ) : boolean
$strHash string The password hash
return boolean True if the password hash has been generated with crypt()
コード例 #1
0
 /**
  * Generate the module
  */
 protected function compile()
 {
     $this->import('FrontendUser', 'User');
     // Initialize the password widget
     $arrField = array('name' => 'password', 'inputType' => 'text', 'label' => $GLOBALS['TL_LANG']['MSC']['password'][0], 'eval' => array('hideInput' => true, 'mandatory' => true, 'required' => true));
     $objWidget = new \FormTextField(\FormTextField::getAttributesFromDca($arrField, $arrField['name']));
     $objWidget->rowClass = 'row_0 row_first even';
     $strFormId = 'tl_close_account_' . $this->id;
     // Validate widget
     if (\Input::post('FORM_SUBMIT') == $strFormId) {
         $objWidget->validate();
         // Validate the password
         if (!$objWidget->hasErrors()) {
             // The password has been generated with crypt()
             if (\Encryption::test($this->User->password)) {
                 $blnAuthenticated = \Encryption::verify($objWidget->value, $this->User->password);
             } else {
                 list($strPassword, $strSalt) = explode(':', $this->User->password);
                 $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
             }
             if (!$blnAuthenticated) {
                 $objWidget->value = '';
                 $objWidget->addError($GLOBALS['TL_LANG']['ERR']['invalidPass']);
             }
         }
         // Close account
         if (!$objWidget->hasErrors()) {
             // HOOK: send account ID
             if (isset($GLOBALS['TL_HOOKS']['closeAccount']) && is_array($GLOBALS['TL_HOOKS']['closeAccount'])) {
                 foreach ($GLOBALS['TL_HOOKS']['closeAccount'] as $callback) {
                     $this->import($callback[0]);
                     $this->{$callback[0]}->{$callback[1]}($this->User->id, $this->reg_close, $this);
                 }
             }
             $objMember = \MemberModel::findByPk($this->User->id);
             // Remove the account
             if ($this->reg_close == 'close_delete') {
                 $objMember->delete();
                 $this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deleted', __METHOD__, TL_ACCESS);
             } else {
                 $objMember->disable = 1;
                 $objMember->tstamp = time();
                 $objMember->save();
                 $this->log('User account ID ' . $this->User->id . ' (' . \Idna::decodeEmail($this->User->email) . ') has been deactivated', __METHOD__, TL_ACCESS);
             }
             $this->User->logout();
             // Check whether there is a jumpTo page
             if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
                 $this->jumpToOrReload($objJumpTo->row());
             }
             $this->reload();
         }
     }
     $this->Template->fields = $objWidget->parse();
     $this->Template->formId = $strFormId;
     $this->Template->action = \Environment::get('indexFreeRequest');
     $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['closeAccount']);
     $this->Template->rowLast = 'row_1 row_last odd';
 }
コード例 #2
0
ファイル: User.php プロジェクト: qzminski/contao-core-bundle
 /**
  * Try to login the current user
  *
  * @return boolean True if the user could be logged in
  */
 public function login()
 {
     \System::loadLanguageFile('default');
     // Do not continue if username or password are missing
     if (empty($_POST['username']) || empty($_POST['password'])) {
         return false;
     }
     // Load the user object
     if ($this->findBy('username', \Input::post('username', true)) == false) {
         $blnLoaded = false;
         // HOOK: pass credentials to callback functions
         if (isset($GLOBALS['TL_HOOKS']['importUser']) && is_array($GLOBALS['TL_HOOKS']['importUser'])) {
             foreach ($GLOBALS['TL_HOOKS']['importUser'] as $callback) {
                 $this->import($callback[0], 'objImport', true);
                 $blnLoaded = $this->objImport->{$callback[1]}(\Input::post('username', true), \Input::postUnsafeRaw('password'), $this->strTable);
                 // Load successfull
                 if ($blnLoaded === true) {
                     break;
                 }
             }
         }
         // Return if the user still cannot be loaded
         if (!$blnLoaded || $this->findBy('username', \Input::post('username', true)) == false) {
             \Message::addError($GLOBALS['TL_LANG']['ERR']['invalidLogin']);
             $this->log('Could not find user "' . \Input::post('username', true) . '"', __METHOD__, TL_ACCESS);
             return false;
         }
     }
     $time = time();
     // Set the user language
     if (\Input::post('language')) {
         $this->language = \Input::post('language');
     }
     // Lock the account if there are too many login attempts
     if ($this->loginCount < 1) {
         $this->locked = $time;
         $this->loginCount = \Config::get('loginCount');
         $this->save();
         // Add a log entry and the error message, because checkAccountStatus() will not be called (see #4444)
         $this->log('User "' . $this->username . '" has been locked for ' . ceil(\Config::get('lockPeriod') / 60) . ' minutes', __METHOD__, TL_ACCESS);
         \Message::addError(sprintf($GLOBALS['TL_LANG']['ERR']['accountLocked'], ceil(($this->locked + \Config::get('lockPeriod') - $time) / 60)));
         // Send admin notification
         if (\Config::get('adminEmail') != '') {
             $objEmail = new \Email();
             $objEmail->subject = $GLOBALS['TL_LANG']['MSC']['lockedAccount'][0];
             $objEmail->text = sprintf($GLOBALS['TL_LANG']['MSC']['lockedAccount'][1], $this->username, TL_MODE == 'FE' ? $this->firstname . " " . $this->lastname : $this->name, \Idna::decode(\Environment::get('base')), ceil(\Config::get('lockPeriod') / 60));
             $objEmail->sendTo(\Config::get('adminEmail'));
         }
         return false;
     }
     // Check the account status
     if ($this->checkAccountStatus() == false) {
         return false;
     }
     // The password has been generated with crypt()
     if (\Encryption::test($this->password)) {
         $blnAuthenticated = \Encryption::verify(\Input::postUnsafeRaw('password'), $this->password);
     } else {
         list($strPassword, $strSalt) = explode(':', $this->password);
         $blnAuthenticated = $strSalt == '' ? $strPassword === sha1(\Input::postUnsafeRaw('password')) : $strPassword === sha1($strSalt . \Input::postUnsafeRaw('password'));
         // Store a SHA-512 encrpyted version of the password
         if ($blnAuthenticated) {
             $this->password = \Encryption::hash(\Input::postUnsafeRaw('password'));
         }
     }
     // HOOK: pass credentials to callback functions
     if (!$blnAuthenticated && isset($GLOBALS['TL_HOOKS']['checkCredentials']) && is_array($GLOBALS['TL_HOOKS']['checkCredentials'])) {
         foreach ($GLOBALS['TL_HOOKS']['checkCredentials'] as $callback) {
             $this->import($callback[0], 'objAuth', true);
             $blnAuthenticated = $this->objAuth->{$callback[1]}(\Input::post('username', true), \Input::postUnsafeRaw('password'), $this);
             // Authentication successfull
             if ($blnAuthenticated === true) {
                 break;
             }
         }
     }
     // Redirect if the user could not be authenticated
     if (!$blnAuthenticated) {
         --$this->loginCount;
         $this->save();
         \Message::addError($GLOBALS['TL_LANG']['ERR']['invalidLogin']);
         $this->log('Invalid password submitted for username "' . $this->username . '"', __METHOD__, TL_ACCESS);
         return false;
     }
     $this->setUserFromDb();
     // Update the record
     $this->lastLogin = $this->currentLogin;
     $this->currentLogin = $time;
     $this->loginCount = \Config::get('loginCount');
     $this->save();
     // Generate the session
     $this->regenerateSessionId();
     $this->generateSession();
     $this->log('User "' . $this->username . '" has logged in', __METHOD__, TL_ACCESS);
     // HOOK: post login callback
     if (isset($GLOBALS['TL_HOOKS']['postLogin']) && is_array($GLOBALS['TL_HOOKS']['postLogin'])) {
         foreach ($GLOBALS['TL_HOOKS']['postLogin'] as $callback) {
             $this->import($callback[0], 'objLogin', true);
             $this->objLogin->{$callback[1]}($this);
         }
     }
     return true;
 }
コード例 #3
0
 /**
  * Generate the module
  */
 protected function compile()
 {
     /** @var PageModel $objPage */
     global $objPage;
     $this->import('FrontendUser', 'User');
     $GLOBALS['TL_LANGUAGE'] = $objPage->language;
     \System::loadLanguageFile('tl_member');
     $this->loadDataContainer('tl_member');
     // Old password widget
     $arrFields['oldPassword'] = array('name' => 'oldpassword', 'label' => &$GLOBALS['TL_LANG']['MSC']['oldPassword'], 'inputType' => 'text', 'eval' => array('mandatory' => true, 'preserveTags' => true, 'hideInput' => true));
     // New password widget
     $arrFields['newPassword'] = $GLOBALS['TL_DCA']['tl_member']['fields']['password'];
     $arrFields['newPassword']['name'] = 'password';
     $arrFields['newPassword']['label'] =& $GLOBALS['TL_LANG']['MSC']['newPassword'];
     $row = 0;
     $strFields = '';
     $doNotSubmit = false;
     $objMember = \MemberModel::findByPk($this->User->id);
     $strFormId = 'tl_change_password_' . $this->id;
     $flashBag = \System::getContainer()->get('session')->getFlashBag();
     $strTable = $objMember->getTable();
     // Initialize the versioning (see #8301)
     $objVersions = new \Versions($strTable, $objMember->id);
     $objVersions->setUsername($objMember->username);
     $objVersions->setUserId(0);
     $objVersions->setEditUrl('contao/main.php?do=member&act=edit&id=%s&rt=1');
     $objVersions->initialize();
     /** @var FormTextField $objOldPassword */
     $objOldPassword = null;
     /** @var FormPassword $objNewPassword */
     $objNewPassword = null;
     // Initialize the widgets
     foreach ($arrFields as $strKey => $arrField) {
         /** @var Widget $strClass */
         $strClass = $GLOBALS['TL_FFL'][$arrField['inputType']];
         // Continue if the class is not defined
         if (!class_exists($strClass)) {
             continue;
         }
         $arrField['eval']['required'] = $arrField['eval']['mandatory'];
         /** @var Widget $objWidget */
         $objWidget = new $strClass($strClass::getAttributesFromDca($arrField, $arrField['name']));
         $objWidget->storeValues = true;
         $objWidget->rowClass = 'row_' . $row . ($row == 0 ? ' row_first' : '') . ($row % 2 == 0 ? ' even' : ' odd');
         // Increase the row count if it is a password field
         if ($objWidget instanceof FormPassword) {
             $objWidget->rowClassConfirm = 'row_' . ++$row . ($row % 2 == 0 ? ' even' : ' odd');
         }
         ++$row;
         // Store the widget objects
         $strVar = 'obj' . ucfirst($strKey);
         ${$strVar} = $objWidget;
         // Validate the widget
         if (\Input::post('FORM_SUBMIT') == $strFormId) {
             $objWidget->validate();
             // Validate the old password
             if ($strKey == 'oldPassword') {
                 if (\Encryption::test($objMember->password)) {
                     $blnAuthenticated = \Encryption::verify($objWidget->value, $objMember->password);
                 } else {
                     list($strPassword, $strSalt) = explode(':', $objMember->password);
                     $blnAuthenticated = $strSalt == '' ? $strPassword === sha1($objWidget->value) : $strPassword === sha1($strSalt . $objWidget->value);
                 }
                 if (!$blnAuthenticated) {
                     $objWidget->value = '';
                     $objWidget->addError($GLOBALS['TL_LANG']['MSC']['oldPasswordWrong']);
                     sleep(2);
                     // Wait 2 seconds while brute forcing :)
                 }
             }
             if ($objWidget->hasErrors()) {
                 $doNotSubmit = true;
             }
         }
         $strFields .= $objWidget->parse();
     }
     $this->Template->fields = $strFields;
     $this->Template->hasError = $doNotSubmit;
     // Store the new password
     if (\Input::post('FORM_SUBMIT') == $strFormId && !$doNotSubmit) {
         $objMember->tstamp = time();
         $objMember->password = $objNewPassword->value;
         $objMember->save();
         // Create a new version
         if ($GLOBALS['TL_DCA'][$strTable]['config']['enableVersioning']) {
             $objVersions->create();
         }
         // HOOK: set new password callback
         if (isset($GLOBALS['TL_HOOKS']['setNewPassword']) && is_array($GLOBALS['TL_HOOKS']['setNewPassword'])) {
             foreach ($GLOBALS['TL_HOOKS']['setNewPassword'] as $callback) {
                 $this->import($callback[0]);
                 $this->{$callback[0]}->{$callback[1]}($objMember, $objNewPassword->value, $this);
             }
         }
         // Check whether there is a jumpTo page
         if (($objJumpTo = $this->objModel->getRelated('jumpTo')) instanceof PageModel) {
             $this->jumpToOrReload($objJumpTo->row());
         }
         $flashBag->set('mod_change_password_confirm', $GLOBALS['TL_LANG']['MSC']['newPasswordSet']);
         $this->reload();
     }
     // Confirmation message
     if ($flashBag->has('mod_change_password_confirm')) {
         $arrMessages = $flashBag->get('mod_change_password_confirm');
         $this->Template->message = $arrMessages[0];
     }
     $this->Template->formId = $strFormId;
     $this->Template->action = \Environment::get('indexFreeRequest');
     $this->Template->slabel = \StringUtil::specialchars($GLOBALS['TL_LANG']['MSC']['changePassword']);
     $this->Template->rowLast = 'row_' . $row . ' row_last' . ($row % 2 == 0 ? ' even' : ' odd');
 }
コード例 #4
0
 /**
  * Log in the user
  */
 protected function loginUser()
 {
     $_SESSION['TL_INSTALL_AUTH'] = '';
     $_SESSION['TL_INSTALL_EXPIRE'] = 0;
     // The password has been generated with crypt()
     if (\Encryption::test(\Config::get('installPassword'))) {
         if (\Encryption::verify(\Input::postUnsafeRaw('password'), \Config::get('installPassword'))) {
             $this->setAuthCookie();
             \Config::persist('installCount', 0);
             $this->reload();
         }
     } else {
         list($strPassword, $strSalt) = explode(':', \Config::get('installPassword'));
         $blnAuthenticated = $strSalt == '' ? $strPassword === sha1(\Input::postUnsafeRaw('password')) : $strPassword === sha1($strSalt . \Input::postUnsafeRaw('password'));
         if ($blnAuthenticated) {
             // Store a crypt() version of the password
             $strPassword = \Encryption::hash(\Input::postUnsafeRaw('password'));
             \Config::persist('installPassword', $strPassword);
             $this->setAuthCookie();
             \Config::persist('installCount', 0);
             $this->reload();
         }
     }
     // Increase the login count if we get here
     \Config::persist('installCount', \Config::get('installCount') + 1);
     $this->Template->passwordError = $GLOBALS['TL_LANG']['ERR']['invalidPass'];
 }