Project

General

Profile

« Previous | Next » 

Revision 1901

Added by darkviper over 11 years ago

little corrections in class Password

View differences:

branches/2.8.x/CHANGELOG
11 11
! = Update/Change
12 12
===============================================================================
13 13

  
14

  
14
19 Apr-2013 Build 1901 Werner v.d.Decken(DarkViper)
15
# little corrections in class Password
15 16
18 Apr-2013 Build 1900 Werner v.d.Decken(DarkViper)
16 17
+ Classes Password / PasswordHash Added for an essential strengthening of the password security
17 18
04 Apr-2013 Build 1899 Dietmar Woellbrink (Luisehahne)
branches/2.8.x/wb/admin/interface/version.php
51 51

  
52 52
// check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
53 53
if(!defined('VERSION')) define('VERSION', '2.8.3');
54
if(!defined('REVISION')) define('REVISION', '1900');
54
if(!defined('REVISION')) define('REVISION', '1901');
55 55
if(!defined('SP')) define('SP', '');
branches/2.8.x/wb/framework/initialize.php
208 208
	if(!function_exists('globalExceptionHandler')) {
209 209
		include(dirname(__FILE__).'/globalExceptionHandler.php');
210 210
	}
211
// activate secure PasswordHashes
212
	if(!class_exists('PasswordHash')) {
213
		include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php'); 
214
	}
215 211
// ---------------------------
216 212
// Create global database instance ---
217 213
	$database = WbDatabase::getInstance();
branches/2.8.x/wb/framework/Password.php
36 36
 */
37 37

  
38 38
// use \vendors\phpass\PasswordHash;
39
if(!class_exists('PasswordHash')) {
40
	include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php'); 
41
}
39 42

  
43

  
40 44
class Password extends PasswordHash
41 45
//class Password extends v_phpass_PasswordHash
42 46
{
43 47

  
44 48
	const MIN_CRYPT_LOOPS     =  6;  // minimum numbers of loops is 2^6 (64) very, very quick
45
	const MAX_CRYPT_LOOPS     = 32;  // maximum numbers of loops is 2^32 (4,294,967,296) extremely slow
49
	const MAX_CRYPT_LOOPS     = 31;  // maximum numbers of loops is 2^31 (2,147,483,648) extremely slow
46 50
	const DEFAULT_CRYPT_LOOPS = 12;  // default numbers of loopf is 2^12 (4096) a good average
47 51

  
48 52
	const HASH_TYPE_PORTABLE  = true;  // use MD5 only
......
59 63
	const PW_USE_ALL          = 0xFFFF; // use all possibilities
60 64

  
61 65
/**
66
 * 
62 67
 * @param int number of iterations as exponent of 2 (must be between 4 and 31)
63 68
 * @param bool TRUE = use MD5 only | FALSE = automatic
64 69
 */
......
70 75
 * @param string password to hash
71 76
 * @return string generated hash. Null if failed.
72 77
 */
73
	public function HashPassword($sPassword)
78
	public function hashPassword($sPassword)
74 79
	{
75 80
		$sNewHash = parent::HashPassword($sPassword);
76 81
		return ($sNewHash == '*') ? null : $sNewHash;
......
80 85
 * @param string existing stored hash
81 86
 * @return bool true if PW matches the stored hash
82 87
 */
83
	public function CheckPassword($sPassword, $sStoredHash)
88
	public function checkPassword($sPassword, $sStoredHash)
84 89
	{
85 90
		// compatibility layer for deprecated, simple and old MD5 hashes
86 91
		if(preg_match('/^[0-9a-f]{32}$/si', $sStoredHash)) {

Also available in: Unified diff