diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-10-10 12:01:10 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-10-10 12:01:10 +0200 |
| commit | fdf9ae7c18146ce58531bc6bbbb1eff5461691d2 (patch) | |
| tree | 09da3943b55ea50009d94c6c8ae7782db805173c /phpBB/phpbb/passwords/driver | |
| parent | cd74fb094629cf07209b4fa13ebf0ddf5b4ce47c (diff) | |
| download | forums-fdf9ae7c18146ce58531bc6bbbb1eff5461691d2.tar forums-fdf9ae7c18146ce58531bc6bbbb1eff5461691d2.tar.gz forums-fdf9ae7c18146ce58531bc6bbbb1eff5461691d2.tar.bz2 forums-fdf9ae7c18146ce58531bc6bbbb1eff5461691d2.tar.xz forums-fdf9ae7c18146ce58531bc6bbbb1eff5461691d2.zip | |
[feature/passwords] Increase test coverage to 100% of methods
Obsolete code that is impossible to hit has been removed and the logic
of the salted md5 driver has been changed to correctly implement the
phpBB 3.0 phpbb_hash() function.
PHPBB3-11610
Diffstat (limited to 'phpBB/phpbb/passwords/driver')
| -rw-r--r-- | phpBB/phpbb/passwords/driver/salted_md5.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/phpBB/phpbb/passwords/driver/salted_md5.php b/phpBB/phpbb/passwords/driver/salted_md5.php index 23ae25c0c9..c44da540a6 100644 --- a/phpBB/phpbb/passwords/driver/salted_md5.php +++ b/phpBB/phpbb/passwords/driver/salted_md5.php @@ -41,7 +41,13 @@ class salted_md5 extends \phpbb\passwords\driver\base { if (($settings = $this->get_hash_settings($setting)) === false) { - return false; + // Return md5 of password if settings do not + // comply with our standards. This will only + // happen if pre-determined settings are + // directly passed to the driver. The manager + // will not do this. Same as the old hashing + // implementatio in phpBB 3.0 + return md5($password); } } else @@ -59,13 +65,7 @@ class salted_md5 extends \phpbb\passwords\driver\base $output = $settings['full']; $output .= $this->helper->hash_encode64($hash, 16); - if (strlen($output) == 34) - { - return $output; - } - - // Should we really just return the md5 of the password? O.o - return md5($password); + return $output; } /** |