Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
100.00% covered (success)
100.00%
9 / 9
100.00% covered (success)
100.00%
4 / 4
CRAP
100.00% covered (success)
100.00%
1 / 1
sha_xf1
100.00% covered (success)
100.00%
9 / 9
100.00% covered (success)
100.00%
4 / 4
10
100.00% covered (success)
100.00%
1 / 1
 get_prefix
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 is_legacy
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 hash
100.00% covered (success)
100.00%
1 / 1
100.00% covered (success)
100.00%
1 / 1
1
 check
100.00% covered (success)
100.00%
6 / 6
100.00% covered (success)
100.00%
1 / 1
7
1<?php
2/**
3*
4* This file is part of the phpBB Forum Software package.
5*
6* @copyright (c) phpBB Limited <https://www.phpbb.com>
7* @license GNU General Public License, version 2 (GPL-2.0)
8*
9* For full copyright and license information, please see
10* the docs/CREDITS.txt file.
11*
12*/
13
14namespace phpbb\passwords\driver;
15
16class sha_xf1 extends base
17{
18    const PREFIX = '$xf1$';
19
20    /**
21    * {@inheritdoc}
22    */
23    public function get_prefix()
24    {
25        return self::PREFIX;
26    }
27
28    /**
29    * {@inheritdoc}
30    */
31    public function is_legacy()
32    {
33        return true;
34    }
35
36    /**
37    * {@inheritdoc}
38    */
39    public function hash($password, $user_row = '')
40    {
41        // Do not support hashing
42        return false;
43    }
44
45    /**
46    * {@inheritdoc}
47    */
48    public function check($password, $hash, $user_row = array())
49    {
50        if (empty($hash) || (strlen($hash) != 40 && strlen($hash) != 64) || !isset($user_row['user_passwd_salt']))
51        {
52            return false;
53        }
54        else
55        {
56            // Works for xenforo 1.0, 1.1
57            if ($this->helper->string_compare($hash, sha1(sha1($password) . $user_row['user_passwd_salt']))
58                || $this->helper->string_compare($hash, hash('sha256', hash('sha256', $password) . $user_row['user_passwd_salt'])))
59            {
60                return true;
61            }
62            else
63            {
64                return false;
65            }
66        }
67    }
68}