/**
* Passwords prefixed with M or C might be salted passwords:
* M means: originally a md5 hash before it was salted (eg. default be_users).
* C means: originally a cleartext password with lower hash looping count generated by t3sec_saltedpw.
* Both M and C will be updated to usual salted hashes on first login of user.
*
* If a password does not start with M or C determine if a password is already a usual salted hash.
*
* @param string $password Password
* @return bool TRUE if password is a salted hash
*/
protected function isSaltedHash($password)
{
$isSaltedHash = FALSE;
if (strlen($password) > 2 && (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'C$') || \TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'M$'))) {
// Cut off M or C and test if we have a salted hash
$isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod(substr($password, 1));
}
// Test if given password is a already a usual salted hash
if (!$isSaltedHash) {
$isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod($password);
}
return $isSaltedHash;
}
