/** * See http://open.silverstripe.org/ticket/3004 * * Handy command for reproducing via CLI on different architectures: * php -r "echo(base_convert(sha1('mypassword'), 16, 36));" */ function testEncrytorLegacyPHPHashCompare() { PasswordEncryptor::register('test_sha1legacy', 'PasswordEncryptor_LegacyPHPHash("sha1")'); $e = PasswordEncryptor::create_for_algorithm('test_sha1legacy'); // precomputed hashes for 'mypassword' from different architectures $amdHash = 'h1fj0a6m4o6k0sosks88oo08ko4gc4s'; $intelHash = 'h1fj0a6m4o0g04ocg00o4kwoc4wowws'; $wrongHash = 'h1fjxxxxxxxxxxxxxxxxxxxxxxxxxxx'; $this->assertTrue($e->compare($amdHash, $intelHash)); $this->assertFalse($e->compare($amdHash, $wrongHash)); }
function testNoLegacyPasswordHashMigrationOnIncompatibleAlgorithm() { PasswordEncryptor::register('crc32', 'PasswordEncryptor_PHPHash("crc32")'); $field = Member::get_unique_identifier_field(); $member = new Member(); $member->{$field} = '*****@*****.**'; $member->PasswordEncryption = "crc32"; $member->Password = "******"; $member->write(); $data = array('Email' => $member->{$field}, 'Password' => 'mypassword'); MemberAuthenticator::authenticate($data); $member = DataObject::get_by_id('Member', $member->ID); $this->assertEquals($member->PasswordEncryption, "crc32"); $result = $member->checkPassword('mypassword'); $this->assertTrue($result->valid()); }
*/ define('MCE_ROOT', 'sapphire/thirdparty/tinymce/'); /** * The secret key that needs to be sent along with pings to /Email_BounceHandler * * Change this to something different for increase security (you can * override it in mysite/_config.php to ease upgrades). * For more information see: * {@link http://doc.silverstripe.org/doku.php?id=email_bouncehandler} */ if (!defined('EMAIL_BOUNCEHANDLER_KEY')) { define('EMAIL_BOUNCEHANDLER_KEY', '1aaaf8fb60ea253dbf6efa71baaacbb3'); } PasswordEncryptor::register('none', 'PasswordEncryptor_None'); PasswordEncryptor::register('md5', 'PasswordEncryptor_LegacyPHPHash("md5")'); PasswordEncryptor::register('sha1', 'PasswordEncryptor_LegacyPHPHash("sha1")'); PasswordEncryptor::register('md5_v2.4', 'PasswordEncryptor_PHPHash("md5")'); PasswordEncryptor::register('sha1_v2.4', 'PasswordEncryptor_PHPHash("sha1")'); // Zend_Cache temp directory setting $_ENV['TMPDIR'] = TEMP_FOLDER; // for *nix $_ENV['TMP'] = TEMP_FOLDER; // for Windows $aggregatecachedir = TEMP_FOLDER . DIRECTORY_SEPARATOR . 'aggregate_cache'; if (!is_dir($aggregatecachedir)) { mkdir($aggregatecachedir); } SS_Cache::add_backend('aggregatestore', 'File', array('cache_dir' => $aggregatecachedir)); SS_Cache::pick_backend('aggregatestore', 'aggregate', 1000); // TODO Remove once new ManifestBuilder with submodule support is in place require_once 'admin/_config.php';