public function checkPassword($password, $hash, $algorithm = null)
{
return Rhymix\Framework\Password::checkPassword($password, $hash, $algorithm);
}
/**
* @brief Compare plain text password to the password saved in DB
* @param string $hashed_password The hash that was saved in DB
* @param string $password_text The password to check
* @param int $member_srl Set this to member_srl when comparing a member's password (optional)
* @return bool
*/
function isValidPassword($hashed_password, $password_text, $member_srl = null)
{
// False if no password in entered
if (!$password_text) {
return false;
}
// Check the password
$password_match = false;
$current_algorithm = false;
$possible_algorithms = Rhymix\Framework\Password::checkAlgorithm($hashed_password);
foreach ($possible_algorithms as $algorithm) {
if (Rhymix\Framework\Password::checkPassword($password_text, $hashed_password, $algorithm)) {
$password_match = true;
$current_algorithm = $algorithm;
break;
}
}
if (!$password_match) {
return false;
}
// Update the encryption method if necessary
$config = $this->getMemberConfig();
if ($member_srl > 0 && $config->password_hashing_auto_upgrade != 'N') {
$required_algorithm = Rhymix\Framework\Password::getDefaultAlgorithm();
if ($required_algorithm !== $current_algorithm) {
$need_upgrade = true;
} else {
$required_work_factor = Rhymix\Framework\Password::getWorkFactor();
$current_work_factor = Rhymix\Framework\Password::checkWorkFactor($hashed_password);
if ($current_work_factor !== false && $required_work_factor > $current_work_factor) {
$need_upgrade = true;
} else {
$need_upgrade = false;
}
}
if ($need_upgrade) {
$args = new stdClass();
$args->member_srl = $member_srl;
$args->hashed_password = $this->hashPassword($password_text, $required_algorithm);
$oMemberController = getController('member');
$oMemberController->updateMemberPassword($args);
}
}
return true;
}
