diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-09-14 14:17:14 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-09-14 14:17:14 +0200 |
| commit | beafef00004007024d3c8c769d630d7d5ec9b698 (patch) | |
| tree | 42a163651d1b1598967b4f97ad68d617d35d1929 /phpBB/phpbb | |
| parent | 19512b2595cef521099a95b1ab8c24dbe51c5b2f (diff) | |
| download | forums-beafef00004007024d3c8c769d630d7d5ec9b698.tar forums-beafef00004007024d3c8c769d630d7d5ec9b698.tar.gz forums-beafef00004007024d3c8c769d630d7d5ec9b698.tar.bz2 forums-beafef00004007024d3c8c769d630d7d5ec9b698.tar.xz forums-beafef00004007024d3c8c769d630d7d5ec9b698.zip | |
[feature/passwords] Add missing function documentation
Additionally, a new line has been added to make the code look nicer.
PHPBB3-11610
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/passwords/manager.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/phpBB/phpbb/passwords/manager.php b/phpBB/phpbb/passwords/manager.php index 9477ef5c2b..da6d65c487 100644 --- a/phpBB/phpbb/passwords/manager.php +++ b/phpBB/phpbb/passwords/manager.php @@ -140,6 +140,7 @@ class phpbb_passwords_manager } return $return_ary; } + if (isset($this->type_map[$match[0]])) { return $this->type_map[$match[0]]; @@ -169,7 +170,9 @@ class phpbb_passwords_manager } $hashing_algorithm = $this->container->get($type); + // Do not support 8-bit characters with $2a$ bcrypt + // Also see http://www.php.net/security/crypt_blowfish.php if ($type === 'passwords.driver.bcrypt' || ($type === 'passwords.driver.bcrypt_2y' && !$hashing_algorithm->is_supported())) { if (ord($password[strlen($password)-1]) & 128) @@ -181,6 +184,14 @@ class phpbb_passwords_manager return $this->container->get($type)->hash($password); } + /** + * Check supplied password against hash and set convert_flag if password + * needs to be converted to different format (preferrably newer one) + * + * @param string $password Password that should be checked + * @param string $hash Stored hash + * @return string|bool True if password is correct, false if not + */ public function check_hash($password, $hash) { // First find out what kind of hash we're dealing with |