diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2014-05-01 14:23:39 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2014-06-01 21:31:04 +0200 |
| commit | ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d (patch) | |
| tree | 25f29200b3fab2d6426f17e4f75e677fffc08c7e /phpBB/phpbb | |
| parent | 68f59defb041a719519547fdd34f25258a60a38e (diff) | |
| download | forums-ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d.tar forums-ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d.tar.gz forums-ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d.tar.bz2 forums-ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d.tar.xz forums-ed1d4fe4a03c55bbc997f11afa11a87b4fe78c4d.zip | |
[ticket/12352] Revert to db auth provider if default does not exist
This will make sure that we will not encounter a non-existing auth provider.
We will revert to the default db auth provider if the one set in the config
does not exist in our auth provider collection.
PHPBB3-12352
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/auth/provider/db.php | 3 | ||||
| -rw-r--r-- | phpBB/phpbb/session.php | 18 |
2 files changed, 18 insertions, 3 deletions
diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 3be1d3873f..d5a6b0452a 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -201,7 +201,8 @@ class db extends \phpbb\auth\provider\base // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding // plain md5 support left in for conversions from other systems. if ((strlen($row['user_password']) == 34 && ($this->passwords_manager->check(md5($password_old_format), $row['user_password']) || $this->passwords_manager->check(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) - || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) + || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password'])) + || ($this->passwords_manager->check($password_old_format, $row['user_password']) || $this->passwords_manager->check($password_new_format, $row['user_password']))) { $hash = $this->passwords_manager->hash($password_new_format); diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index d286dc9cfc..c663977882 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -410,7 +410,14 @@ class session // Check whether the session is still valid if we have one $method = basename(trim($config['auth_method'])); - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + + // Revert to db auth provider if selected method does not exist + if (!isset($provider_collection['auth.provider.' . $method])) + { + $method = 'db'; + } + $provider = $provider_collection['auth.provider.' . $method]; if (!($provider instanceof \phpbb\auth\provider\provider_interface)) { @@ -579,7 +586,14 @@ class session $method = basename(trim($config['auth_method'])); - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + + // Revert to db auth provider if selected method does not exist + if (!isset($provider_collection['auth.provider.' . $method])) + { + $method = 'db'; + } + $provider = $provider_collection['auth.provider.' . $method]; $this->data = $provider->autologin(); if (sizeof($this->data)) |