Index: branches/2.8.x/CHANGELOG
===================================================================
--- branches/2.8.x/CHANGELOG	(revision 1931)
+++ branches/2.8.x/CHANGELOG	(revision 1932)
@@ -11,6 +11,8 @@
 ! = Update/Change
 ===============================================================================
 
+13 Jul-2013 Build 1932 Werner v.d.Decken(DarkViper)
+! modified class Password for use with different hashing classes
 09 Jul-2013 Build 1931 Werner v.d.Decken(DarkViper)
 # typofixes in /install/save.php
 09 Jul-2013 Build 1930 Werner v.d.Decken(DarkViper)
Index: branches/2.8.x/wb/include/phpass/PasswordHash.php
===================================================================
--- branches/2.8.x/wb/include/phpass/PasswordHash.php	(revision 1931)
+++ branches/2.8.x/wb/include/phpass/PasswordHash.php	(revision 1932)
@@ -26,13 +26,14 @@
  * requirements (there can be none), but merely suggestions.
  */
 
-class PasswordHash {
+class PasswordHash implements PasswordHashInterface {
 	protected $itoa64;
 	protected $itoa64BlowFish;
 	protected $random_state;
-	protected $iteration_count_log2;
-	protected $portable_hashes;
 
+	public $iteration_count_log2;
+	public $portable_hashes;
+
 	public function __construct($iteration_count_log2, $portable_hashes)
 	{
 		$this->itoa64         = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
@@ -48,6 +49,17 @@
 			$this->random_state .= getmypid();
 		}
 	}
+/** Begin inserted function for WebsiteBaker by M.v.d.Decken **/
+/**
+ * Interface compatibility methode to set values
+ * @param int  $iIterations number of iterations
+ * @param bool $bHashType   type of encoding
+ */
+	public function setParams($iIterations, $bHashType){
+		$this->iteration_count_log2 = $iIterations;
+		$this->portable_hashes = $bHashType;
+	}
+/** End inserted function for WebsiteBaker by M.v.d.Decken **/
 
 	private function get_random_bytes($count)
 	{
@@ -145,7 +157,7 @@
 		$output .= $this->encode64($input, 3);
 		return $output;
 	}
-/** Begin inserted function for WebsiteBaker by W.v.d.Decken **/	
+/** Begin inserted function for WebsiteBaker by M.v.d.Decken **/
 /**
  * 
  * @param type $input
Index: branches/2.8.x/wb/admin/interface/version.php
===================================================================
--- branches/2.8.x/wb/admin/interface/version.php	(revision 1931)
+++ branches/2.8.x/wb/admin/interface/version.php	(revision 1932)
@@ -51,5 +51,5 @@
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
 if(!defined('VERSION')) define('VERSION', '2.8.3');
-if(!defined('REVISION')) define('REVISION', '1931');
+if(!defined('REVISION')) define('REVISION', '1932');
 if(!defined('SP')) define('SP', '');
Index: branches/2.8.x/wb/framework/initialize.php
===================================================================
--- branches/2.8.x/wb/framework/initialize.php	(revision 1931)
+++ branches/2.8.x/wb/framework/initialize.php	(revision 1932)
@@ -341,8 +341,10 @@
 										 'WbOldStyle',
 										 (DEBUG ? Translate::CACHE_DISABLED|Translate::KEEP_MISSING : 0)
 										);
-	$oPass = Password::getInstance();
+	if(!class_exists('PasswordHash')) { include(WB_PATH.'/include/phpass/PasswordHash.php'); }
+
+	$oPass = Password::getInstance(new PasswordHash(Password::CRYPT_LOOPS_DEFAULT, Password::HASH_TYPE_AUTO));
 	if(defined('PASSWORD_CRYPT_LOOPS')) { $oPass->setIteration(PASSWORD_CRYPT_LOOPS); }
-	if(defined('PASSWORD_HASH_TYPES'))  { $oPass->setIteration(PASSWORD_HASH_TYPES); }
+	if(defined('PASSWORD_HASH_TYPES'))  { $oPass->setHashType(PASSWORD_HASH_TYPES); }
 // *** END OF FILE ***********************************************************************
  
\ No newline at end of file
Index: branches/2.8.x/wb/framework/Password.php
===================================================================
--- branches/2.8.x/wb/framework/Password.php	(revision 1931)
+++ branches/2.8.x/wb/framework/Password.php	(revision 1932)
@@ -35,7 +35,7 @@
 	include(dirname(dirname(__FILE__)).'/include/phpass/PasswordHash.php');
 }
 
-class Password extends PasswordHash
+class Password
 {
 
 	const CRYPT_LOOPS_MIN     =  6;  // minimum numbers of loops is 2^6 (64) very quick but unsecure
@@ -58,7 +58,7 @@
 	/** holds the active singleton instance */
 	private static $_oInstance     = null;
 
-	protected $oHashMethods        = null;
+	private   $oPwHashClass        = null;
 	protected $iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT;
 	protected $bPortableHashes     = self::HASH_TYPE_AUTO;
 
@@ -67,7 +67,6 @@
  */
 	protected function __construct()
 	{
-		parent::__construct(self::CRYPT_LOOPS_DEFAULT, self::HASH_TYPE_AUTO);
 	}
 /**
  * dissable cloning
@@ -79,15 +78,20 @@
  * get current instance or create new one
  * @return Password
  */
-	public static function getInstance()
+	public static function getInstance($oPwHash = null)
 	{
 		if( is_null(self::$_oInstance) ) {
-            $c = __CLASS__;
-            self::$_oInstance = new $c;
-			self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT);
-			self::$_oInstance->setHashType(self::HASH_TYPE_AUTO);
+			if(is_object($oPwHash) && ($oPwHash instanceof PasswordHashInterface) ) {
+				$c = __CLASS__;
+				self::$_oInstance = new $c;
+				self::$_oInstance->oPwHashClass = $oPwHash;
+				self::$_oInstance->setIteration(self::CRYPT_LOOPS_DEFAULT);
+				self::$_oInstance->setHashType(self::HASH_TYPE_AUTO);
+			}else {
+				throw new PasswordException('hashing class is not an object or does not implement PasswordHashInterface');
+			}
 		}
-		return self::$oInstance;
+		return self::$_oInstance;
 	}
 /**
  * set the number of iterations
@@ -95,7 +99,8 @@
  */
 	public function setIteration($iIterationCountLog2 = self::CRYPT_LOOPS_DEFAULT)
 	{
-		$this->iteration_count_log2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX);
+		$this->$iIterationCountLog2 = min(max($iIterationCountLog2, self::CRYPT_LOOPS_MIN), self::CRYPT_LOOPS_MAX);
+		$this->oPwHashClass->setParams($this->iIterationCountLog2, $this->bPortableHashes);
 	}
 /**
  * set type of hash generation
@@ -107,10 +112,11 @@
 	public function setHashType($bPortableHashes = self::HASH_TYPE_AUTO)
 	{
 		if(version_compare('5.3', PHP_VERSION, '<')) {
-			$this->portable_hashes = self::HASH_TYPE_PORTABLE;
+			$this->bPortableHashes = self::HASH_TYPE_PORTABLE;
 		}else {
-			$this->portable_hashes = (boolean)$bPortableHashes;
+			$this->bPortableHashes = (boolean)$bPortableHashes;
 		}
+		$this->oPwHashClass->setParams($this->iIterationCountLog2, $this->bPortableHashes);
 	}
 /**
  * make hash from password
@@ -119,7 +125,10 @@
  */
 	public function makeHash($sPassword)
 	{
-		$sNewHash = parent::HashPassword($sPassword);
+		if(!is_object($this->oPwHashClass)) {
+			throw new PasswordException('Missing Object to calculate hashes');
+		}
+		$sNewHash = $this->oPwHashClass->HashPassword($sPassword);
 		return ($sNewHash == '*') ? null : $sNewHash;
 	}
 /**
@@ -129,11 +138,14 @@
  */
 	public function checkIt($sPassword, $sStoredHash)
 	{
+		if(!is_object($this->oPwHashClass)) {
+			throw new PasswordException('Missing Object to calculate hashes');
+		}
 		// compatibility layer for deprecated, simple and old MD5 hashes
 		if(preg_match('/^[0-9a-f]{32}$/si', $sStoredHash)) {
 			return (md5($sPassword) === $sStoredHash);
 		}
-		return parent::CheckPassword($sPassword, $sStoredHash);
+		return $this->oPwHashClass->CheckPassword($sPassword, $sStoredHash);
 	}
 /**
  * Check password for forbidden characters
@@ -250,4 +262,18 @@
 		return $aPassword;
 	}
 
-} // end of class PasswordHash
+} // end of class Password
+// //////////////////////////////////////////////////////////////////////////////////// //
+/**
+ * PasswordException
+ *
+ * @category     WBCore
+ * @package      WBCore_Security
+ * @author       Werner v.d.Decken <wkl@isteam.de>
+ * @copyright    Werner v.d.Decken <wkl@isteam.de>
+ * @license      http://www.gnu.org/licenses/gpl.html   GPL License
+ * @version      2.9.0
+ * @revision     $Revision$
+ * @lastmodified $Date$
+ */
+class PasswordException extends AppException { }
Index: branches/2.8.x/wb/framework/PasswordHashInterface.php
===================================================================
--- branches/2.8.x/wb/framework/PasswordHashInterface.php	(nonexistent)
+++ branches/2.8.x/wb/framework/PasswordHashInterface.php	(revision 1932)
@@ -0,0 +1,43 @@
+<?php
+
+/**
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/**
+ * PasswordHashInterface.php
+ *
+ * @category     Core
+ * @package      Core_Security
+ * @copyright    M.v.d.Decken <manuela@isteam.de>
+ * @author       M.v.d.Decken <manuela@isteam.de>
+ * @license      http://www.gnu.org/licenses/gpl.html   GPL License
+ * @version      0.0.1
+ * @revision     $Revision: $
+ * @link         $HeadURL: $
+ * @lastmodified $Date: $
+ * @since        File available since 10.07.2013
+ * @deprecated   This interface is deprecated since the ...
+ * @description  xyz
+ */
+interface PasswordHashInterface {
+	public function __construct($iteration_count_log2, $portable_hashes);
+	public function HashPassword($password);
+	public function CheckPassword($password, $stored_hash);
+	public function setParams($iIterations, $bHashType);
+}
+
+// end of class PasswordHashInterface