diff options
Diffstat (limited to 'phpBB/includes')
-rw-r--r-- | phpBB/includes/acp/acp_forums.php | 26 | ||||
-rw-r--r-- | phpBB/includes/functions.php | 2 |
2 files changed, 24 insertions, 4 deletions
diff --git a/phpBB/includes/acp/acp_forums.php b/phpBB/includes/acp/acp_forums.php index 521eafe437..47e12152bc 100644 --- a/phpBB/includes/acp/acp_forums.php +++ b/phpBB/includes/acp/acp_forums.php @@ -140,6 +140,7 @@ class acp_forums 'prune_sticky' => request_var('prune_sticky', false), 'forum_password' => request_var('forum_password', '', true), 'forum_password_confirm'=> request_var('forum_password_confirm', '', true), + 'forum_password_unset' => request_var('forum_password_unset', false), ); // Use link_display_on_index setting if forum type is link @@ -603,6 +604,11 @@ class acp_forums } } } + + if (strlen($forum_data['forum_password']) == 32) + { + $errors[] = 'FORUM_PASSWORD_OLD'; + } $template->assign_vars(array( 'S_EDIT_FORUM' => true, @@ -629,8 +635,6 @@ class acp_forums 'PRUNE_DAYS' => $forum_data['prune_days'], 'PRUNE_VIEWED' => $forum_data['prune_viewed'], 'TOPICS_PER_PAGE' => $forum_data['forum_topics_per_page'], - 'FORUM_PASSWORD' => $forum_data['forum_password'], - 'FORUM_PASSWORD_CONFIRM' => $forum_data['forum_password_confirm'], 'FORUM_RULES_LINK' => $forum_data['forum_rules_link'], 'FORUM_RULES' => $forum_data['forum_rules'], 'FORUM_RULES_PREVIEW' => $forum_rules_preview, @@ -638,6 +642,7 @@ class acp_forums 'S_BBCODE_CHECKED' => ($forum_rules_data['allow_bbcode']) ? true : false, 'S_SMILIES_CHECKED' => ($forum_rules_data['allow_smilies']) ? true : false, 'S_URLS_CHECKED' => ($forum_rules_data['allow_urls']) ? true : false, + 'S_FORUM_PASSWORD_SET' => (empty($forum_data['forum_password'])) ? false : true, 'FORUM_DESC' => $forum_desc_data['text'], 'S_DESC_BBCODE_CHECKED' => ($forum_desc_data['allow_bbcode']) ? true : false, @@ -938,7 +943,22 @@ class acp_forums { return $errors; } - + + // As we don't know the old password, it's kinda tricky to detect changes + if ($forum_data_sql['forum_password_unset']) + { + $forum_data_sql['forum_password'] = ''; + } + else if (empty($forum_data_sql['forum_password'])) + { + unset($forum_data_sql['forum_password']); + } + else + { + $forum_data_sql['forum_password'] = phpbb_hash($forum_data_sql['forum_password']); + } + unset($forum_data_sql['forum_password_unset']); + if (!isset($forum_data_sql['forum_id'])) { // no forum_id means we're creating a new forum diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index d5cb2ce071..4672751232 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -2457,7 +2457,7 @@ function login_forum_box($forum_data) } $db->sql_freeresult($result); - if ($password == $forum_data['forum_password']) + if (phpbb_check_hash($password, $forum_data['forum_password'])) { $sql_ary = array( 'forum_id' => (int) $forum_data['forum_id'], |