private function _handle_logins($scheme, $password, $hash, $arrAuthData) { switch ($scheme) { case "XenForo_Authentication_Core12": $passwordHash = new XenForo_PasswordHash($this->passwordIterations, false); return $passwordHash->CheckPassword($password, $arrAuthData['hash']); break; case "XenForo_Authentication_Core": $userHash = hash('sha256', hash('sha256', $password) . $arrAuthData['salt']); if ($userHash === $arrAuthData['hash']) { return true; } $userHash = sha1(sha1($password) . $arrAuthData['salt']); return $userHash === $arrAuthData['hash']; break; case "XenForo_Authentication_IPBoard": case "XenForo_Authentication_MyBb": $userHash = md5(md5($arrAuthData['salt']) . md5($password)); return $userHash === $arrAuthData['hash']; break; case "XenForo_Authentication_PhpBb3": $passwordHash = new XenForo_PasswordHash(8, true); return $passwordHash->CheckPassword($password, $arrAuthData['hash']); break; case "XenForo_Authentication_vBulletin": $userHash = md5(md5($password) . $arrAuthData['salt']); return $userHash === $arrAuthData['hash']; break; } return false; }
/** * Authenticate against the given password * @see XenForo_Authentication_Abstract::authenticate() */ public function authenticate($userId, $password) { if (!is_string($password) || $password === '' || empty($this->_data)) { return false; } $passwordHash = new XenForo_PasswordHash(13, false); return $passwordHash->CheckPassword($password, $this->_data['hash']); }