Code Coverage |
||||||||||
Classes and Traits |
Functions and Methods |
Lines |
||||||||
| Total | |
100.00% |
1 / 1 |
|
100.00% |
5 / 5 |
CRAP | |
100.00% |
35 / 35 |
| md5_phpbb2 | |
100.00% |
1 / 1 |
|
100.00% |
5 / 5 |
16 | |
100.00% |
35 / 35 |
| __construct | |
100.00% |
1 / 1 |
1 | |
100.00% |
6 / 6 |
|||
| get_prefix | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| is_legacy | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| hash | |
100.00% |
1 / 1 |
1 | |
100.00% |
1 / 1 |
|||
| check | |
100.00% |
1 / 1 |
12 | |
100.00% |
26 / 26 |
|||
| <?php | |
| /** | |
| * | |
| * This file is part of the phpBB Forum Software package. | |
| * | |
| * @copyright (c) phpBB Limited <https://www.phpbb.com> | |
| * @license GNU General Public License, version 2 (GPL-2.0) | |
| * | |
| * For full copyright and license information, please see | |
| * the docs/CREDITS.txt file. | |
| * | |
| */ | |
| namespace phpbb\passwords\driver; | |
| class md5_phpbb2 extends base | |
| { | |
| const PREFIX = '$md5_phpbb2$'; | |
| /** @var \phpbb\request\request phpBB request object */ | |
| protected $request; | |
| /** @var \phpbb\passwords\driver\salted_md5 */ | |
| protected $salted_md5; | |
| /** @var \phpbb\passwords\driver\helper */ | |
| protected $helper; | |
| /** @var string phpBB root path */ | |
| protected $phpbb_root_path; | |
| /** @var string php file extension */ | |
| protected $php_ext; | |
| /** | |
| * Constructor of passwords driver object | |
| * | |
| * @param \phpbb\request\request $request phpBB request object | |
| * @param \phpbb\passwords\driver\salted_md5 $salted_md5 Salted md5 driver | |
| * @param \phpbb\passwords\driver\helper $helper Driver helper | |
| * @param string $phpbb_root_path phpBB root path | |
| * @param string $php_ext PHP file extension | |
| */ | |
| public function __construct($request, salted_md5 $salted_md5, helper $helper, $phpbb_root_path, $php_ext) | |
| { | |
| $this->request = $request; | |
| $this->salted_md5 = $salted_md5; | |
| $this->helper = $helper; | |
| $this->phpbb_root_path = $phpbb_root_path; | |
| $this->php_ext = $php_ext; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function get_prefix() | |
| { | |
| return self::PREFIX; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function is_legacy() | |
| { | |
| return true; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function hash($password, $user_row = '') | |
| { | |
| // Do not support hashing | |
| return false; | |
| } | |
| /** | |
| * {@inheritdoc} | |
| */ | |
| public function check($password, $hash, $user_row = array()) | |
| { | |
| if (strlen($hash) != 32 && strlen($hash) != 34) | |
| { | |
| return false; | |
| } | |
| // enable super globals to get literal value | |
| // this is needed to prevent unicode normalization | |
| $super_globals_disabled = $this->request->super_globals_disabled(); | |
| if ($super_globals_disabled) | |
| { | |
| $this->request->enable_super_globals(); | |
| } | |
| // in phpBB2 passwords were used exactly as they were sent, with addslashes applied | |
| $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; | |
| $password_old_format = addslashes($password_old_format); | |
| $password_new_format = $this->request->variable('password', '', true); | |
| if ($super_globals_disabled) | |
| { | |
| $this->request->disable_super_globals(); | |
| } | |
| if ($password == $password_new_format) | |
| { | |
| if (!function_exists('utf8_to_cp1252')) | |
| { | |
| include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext); | |
| } | |
| if ($this->helper->string_compare(md5($password_old_format), $hash) || $this->helper->string_compare(md5(\utf8_to_cp1252($password_old_format)), $hash) | |
| || $this->salted_md5->check(md5($password_old_format), $hash) === true | |
| || $this->salted_md5->check(md5(\utf8_to_cp1252($password_old_format)), $hash) === true) | |
| { | |
| return true; | |
| } | |
| } | |
| return false; | |
| } | |
| } |