Code Coverage for /data/phpBB/phpbb/passwords/driver/md5

	Code Coverage
	Lines			Functions and Methods				Classes and Traits
Total	100.00% covered (success)	100.00%	26 / 26	100.00% covered (success)	100.00%	5 / 5	CRAP	100.00% covered (success)	100.00%	1 / 1
md5_phpbb2	100.00% covered (success)	100.00%	26 / 26	100.00% covered (success)	100.00%	5 / 5	16	100.00% covered (success)	100.00%	1 / 1
__construct	100.00% covered (success)	100.00%	5 / 5	100.00% covered (success)	100.00%	1 / 1	1
get_prefix	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
is_legacy	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
hash	100.00% covered (success)	100.00%	1 / 1	100.00% covered (success)	100.00%	1 / 1	1
check	100.00% covered (success)	100.00%	18 / 18	100.00% covered (success)	100.00%	1 / 1	12

1	<?php
2	/**
3	*
4	* This file is part of the phpBB Forum Software package.
5	*
6	* @copyright (c) phpBB Limited <https://www.phpbb.com>
7	* @license GNU General Public License, version 2 (GPL-2.0)
8	*
9	* For full copyright and license information, please see
10	* the docs/CREDITS.txt file.
11	*
12	*/
13
14	namespace phpbb\passwords\driver;
15
16	class md5_phpbb2 extends base
17	{
18	const PREFIX = '$md5_phpbb2$';
19
20	/** @var \phpbb\request\request phpBB request object */
21	protected $request;
22
23	/** @var \phpbb\passwords\driver\salted_md5 */
24	protected $salted_md5;
25
26	/** @var \phpbb\passwords\driver\helper */
27	protected $helper;
28
29	/** @var string phpBB root path */
30	protected $phpbb_root_path;
31
32	/** @var string php file extension */
33	protected $php_ext;
34
35	/**
36	* Constructor of passwords driver object
37	*
38	* @param \phpbb\request\request $request phpBB request object
39	* @param \phpbb\passwords\driver\salted_md5 $salted_md5 Salted md5 driver
40	* @param \phpbb\passwords\driver\helper $helper Driver helper
41	* @param string $phpbb_root_path phpBB root path
42	* @param string $php_ext PHP file extension
43	*/
44	public function __construct($request, salted_md5 $salted_md5, helper $helper, $phpbb_root_path, $php_ext)
45	{
46	$this->request = $request;
47	$this->salted_md5 = $salted_md5;
48	$this->helper = $helper;
49	$this->phpbb_root_path = $phpbb_root_path;
50	$this->php_ext = $php_ext;
51	}
52
53	/**
54	* {@inheritdoc}
55	*/
56	public function get_prefix()
57	{
58	return self::PREFIX;
59	}
60
61	/**
62	* {@inheritdoc}
63	*/
64	public function is_legacy()
65	{
66	return true;
67	}
68
69	/**
70	* {@inheritdoc}
71	*/
72	public function hash($password, $user_row = '')
73	{
74	// Do not support hashing
75	return false;
76	}
77
78	/**
79	* {@inheritdoc}
80	*/
81	public function check($password, $hash, $user_row = array())
82	{
83	if (strlen($hash) != 32 && strlen($hash) != 34)
84	{
85	return false;
86	}
87
88	// enable super globals to get literal value
89	// this is needed to prevent unicode normalization
90	$super_globals_disabled = $this->request->super_globals_disabled();
91	if ($super_globals_disabled)
92	{
93	$this->request->enable_super_globals();
94	}
95
96	// in phpBB2 passwords were used exactly as they were sent, with addslashes applied
97	$password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
98	$password_old_format = addslashes($password_old_format);
99	$password_new_format = $this->request->variable('password', '', true);
100
101	if ($super_globals_disabled)
102	{
103	$this->request->disable_super_globals();
104	}
105
106	if ($password == $password_new_format)
107	{
108	if (!function_exists('utf8_to_cp1252'))
109	{
110	include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext);
111	}
112
113	if ($this->helper->string_compare(md5($password_old_format), $hash) \|\| $this->helper->string_compare(md5(\utf8_to_cp1252($password_old_format)), $hash)
114	\|\| $this->salted_md5->check(md5($password_old_format), $hash) === true
115	\|\| $this->salted_md5->check(md5(\utf8_to_cp1252($password_old_format)), $hash) === true)
116	{
117	return true;
118	}
119	}
120
121	return false;
122	}
123	}