Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
90.91% covered (success)
90.91%
10 / 11
80.00% covered (warning)
80.00%
4 / 5
 CRAP
0.00% covered (danger)
0.00%
0 / 1
bcrypt_wcf2
90.91% covered (success)
90.91%
10 / 11
80.00% covered (warning)
80.00%
4 / 5
 8.05
0.00% covered (danger)
0.00%
0 / 1
 __construct
100.00% covered (success)
100.00%
2 / 2
100.00% covered (success)
100.00%
1 / 1
 1
 get_prefix
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 is_legacy
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 hash
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
 1
 check
83.33% covered (warning)
83.33%
5 / 6
0.00% covered (danger)
0.00%
0 / 1
 4.07
1<?php
2/**
3*
4* This file is part of the phpBB Forum Software package.
5*
6* @copyright (c) phpBB Limited <https://www.phpbb.com>
7* @license GNU General Public License, version 2 (GPL-2.0)
8*
9* For full copyright and license information, please see
10* the docs/CREDITS.txt file.
11*
12*/
13
14namespace phpbb\passwords\driver;
15
16class bcrypt_wcf2 extends base
17{
18    const PREFIX = '$wcf2$';
19
20    /** @var \phpbb\passwords\driver\bcrypt */
21    protected $bcrypt;
22
23    /** @var \phpbb\passwords\driver\helper */
24    protected $helper;
25
26    /**
27    * Constructor of passwords driver object
28    *
29    * @param \phpbb\passwords\driver\bcrypt $bcrypt Salted md5 driver
30    * @param \phpbb\passwords\driver\helper $helper Password driver helper
31    */
32    public function __construct(\phpbb\passwords\driver\bcrypt $bcrypt, helper $helper)
33    {
34        $this->bcrypt = $bcrypt;
35        $this->helper = $helper;
36    }
37
38    /**
39    * {@inheritdoc}
40    */
41    public function get_prefix()
42    {
43        return self::PREFIX;
44    }
45
46    /**
47    * {@inheritdoc}
48    */
49    public function is_legacy()
50    {
51        return true;
52    }
53
54    /**
55    * {@inheritdoc}
56    */
57    public function hash($password, $user_row = '')
58    {
59        // Do not support hashing
60        return false;
61    }
62
63    /**
64    * {@inheritdoc}
65    */
66    public function check($password, $hash, $user_row = array())
67    {
68        if (empty($hash) || strlen($hash) != 60)
69        {
70            return false;
71        }
72        else
73        {
74            $salt = substr($hash, 0, 29);
75
76            if (strlen($salt) != 29)
77            {
78                return false;
79            }
80            // Works for standard WCF 2.x, i.e. WBB4 and similar
81            return $this->helper->string_compare($hash, $this->bcrypt->hash($this->bcrypt->hash($password, $salt), $salt));
82        }
83    }
84}