diff options
| -rw-r--r-- | phpBB/includes/functions.php | 11 | ||||
| -rw-r--r-- | phpBB/phpbb/auth/provider/db.php | 3 | ||||
| -rw-r--r-- | phpBB/phpbb/session.php | 18 | ||||
| -rw-r--r-- | tests/session/testable_factory.php | 4 |
4 files changed, 32 insertions, 4 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index c423e29d9d..31a6246d34 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2854,7 +2854,16 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa $s_hidden_fields['credential'] = $credential; } - $auth_provider = $phpbb_container->get('auth.provider.' . $config['auth_method']); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + $auth_method = $config['auth_method']; + + // Revert to db auth provider if selected method does not exist + if (!isset($provider_collection['auth.provider.' . $config['auth_method']])) + { + $auth_method = 'db'; + } + + $auth_provider = $provider_collection['auth.provider.' . $auth_method]; $auth_provider_data = $auth_provider->get_login_data(); if ($auth_provider_data) diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index 3be1d3873f..d5a6b0452a 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -201,7 +201,8 @@ class db extends \phpbb\auth\provider\base // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding // plain md5 support left in for conversions from other systems. if ((strlen($row['user_password']) == 34 && ($this->passwords_manager->check(md5($password_old_format), $row['user_password']) || $this->passwords_manager->check(md5(utf8_to_cp1252($password_old_format)), $row['user_password']))) - || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']))) + || (strlen($row['user_password']) == 32 && (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password'])) + || ($this->passwords_manager->check($password_old_format, $row['user_password']) || $this->passwords_manager->check($password_new_format, $row['user_password']))) { $hash = $this->passwords_manager->hash($password_new_format); diff --git a/phpBB/phpbb/session.php b/phpBB/phpbb/session.php index d286dc9cfc..c663977882 100644 --- a/phpBB/phpbb/session.php +++ b/phpBB/phpbb/session.php @@ -410,7 +410,14 @@ class session // Check whether the session is still valid if we have one $method = basename(trim($config['auth_method'])); - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + + // Revert to db auth provider if selected method does not exist + if (!isset($provider_collection['auth.provider.' . $method])) + { + $method = 'db'; + } + $provider = $provider_collection['auth.provider.' . $method]; if (!($provider instanceof \phpbb\auth\provider\provider_interface)) { @@ -579,7 +586,14 @@ class session $method = basename(trim($config['auth_method'])); - $provider = $phpbb_container->get('auth.provider.' . $method); + $provider_collection = $phpbb_container->get('auth.provider_collection'); + + // Revert to db auth provider if selected method does not exist + if (!isset($provider_collection['auth.provider.' . $method])) + { + $method = 'db'; + } + $provider = $provider_collection['auth.provider.' . $method]; $this->data = $provider->autologin(); if (sizeof($this->data)) diff --git a/tests/session/testable_factory.php b/tests/session/testable_factory.php index 81724cf661..4bd7fa1366 100644 --- a/tests/session/testable_factory.php +++ b/tests/session/testable_factory.php @@ -96,6 +96,10 @@ class phpbb_session_testable_factory 'auth.provider.db', new phpbb_mock_auth_provider() ); + $phpbb_container->set( + 'auth.provider_collection', + array('auth.provider.db' => $phpbb_container->get('auth.provider.db')) + ); $session = new phpbb_mock_session_testable; return $session; |