diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-10-13 16:32:37 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-10-13 16:32:37 +0200 |
| commit | 61f60d395a5f16105a18790f2f73eddcd830e475 (patch) | |
| tree | a0a39ca19423eeae3ed6d4fe15e9f5023946685f /phpBB/includes/acp/acp_users.php | |
| parent | e674313559c0aa4705923fd79312ef14117abb9b (diff) | |
| download | forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar.gz forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar.bz2 forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar.xz forums-61f60d395a5f16105a18790f2f73eddcd830e475.zip | |
[feature/passwords] Use passwords manager service instead of functions
The old functions phpbb_hash() and phpbb_check_hash() have been replaced with
the passwords manager service in all front-end related files. The phpBB2
converter and the release_3_0_5_rc1 migration file have not been changed.
The same applies to the security/hash_test that still tests the function
phpbb_check_hash(). This will however make sure that the old function
still works.
PHPBB3-11610
Diffstat (limited to 'phpBB/includes/acp/acp_users.php')
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 8853200ddc..2d560e41f3 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -821,9 +821,12 @@ class acp_users $error[] = 'FORM_INVALID'; } + // Instantiate passwords manager + $passwords_manager = $phpbb_container->get('passwords.manager'); + // Which updates do we need to do? $update_username = ($user_row['username'] != $data['username']) ? $data['username'] : false; - $update_password = ($data['new_password'] && !phpbb_check_hash($data['new_password'], $user_row['user_password'])) ? true : false; + $update_password = ($data['new_password'] && !$passwords_manager->check($data['new_password'], $user_row['user_password'])) ? true : false; $update_email = ($data['email'] != $user_row['user_email']) ? $data['email'] : false; if (!sizeof($error)) @@ -907,7 +910,7 @@ class acp_users if ($update_password) { $sql_ary += array( - 'user_password' => phpbb_hash($data['new_password']), + 'user_password' => $passwords_manager->hash($data['new_password']), 'user_passchg' => time(), 'user_pass_convert' => 0, ); |