From 2e453eb2cb682031d7e521d23c3904c8dfeef70c Mon Sep 17 00:00:00 2001 From: Marc Alexander Date: Fri, 19 Jul 2013 20:14:25 +0200 Subject: [feature/passwords] Add legacy support for md5 passwords PHPBB3-11610 --- phpBB/includes/crypto/driver/salted_md5.php | 4 ++-- phpBB/includes/crypto/manager.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'phpBB/includes/crypto') diff --git a/phpBB/includes/crypto/driver/salted_md5.php b/phpBB/includes/crypto/driver/salted_md5.php index 76bbdccbc4..c5a8345453 100644 --- a/phpBB/includes/crypto/driver/salted_md5.php +++ b/phpBB/includes/crypto/driver/salted_md5.php @@ -82,9 +82,9 @@ class phpbb_crypto_driver_salted_md5 extends phpbb_crypto_driver_base */ public function check($password, $hash) { - if (strlen($hash) != 34) + if (strlen($hash) !== 34) { - return false; + return (md5($password) === $hash) ? true : false; } // No need to check prefix, already did that in manage diff --git a/phpBB/includes/crypto/manager.php b/phpBB/includes/crypto/manager.php index 7f95bcdf60..753a86ae84 100644 --- a/phpBB/includes/crypto/manager.php +++ b/phpBB/includes/crypto/manager.php @@ -112,7 +112,7 @@ class phpbb_crypto_manager */ if (!preg_match('#^\$([a-zA-Z0-9\\\]*?)\$#', $hash, $match)) { - return false; + return $this->type_map['$H$']; } // Be on the lookout for multiple hashing algorithms -- cgit v1.2.1