[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Phpgroupware-cvs] api/class.auth.php, 1.1.1.1.2.11
From: |
nomail |
Subject: |
[Phpgroupware-cvs] api/class.auth.php, 1.1.1.1.2.11 |
Date: |
Fri, 9 Jul 2004 16:49:26 +0200 |
Update of /api
Modified Files:
Branch: proposal-branch
class.auth.php
date: 2004/07/09 14:49:26; author: dcech; state: Exp; lines: +19 -13
Log Message:
Improved login checking routines - this still needs better error reporting
Added support for applications returning errors to browser and SOAP interfaces
Added start and error functions to qa class
=====================================================================
Index: api/class.auth.php
diff -u api/class.auth.php:1.1.1.1.2.10 api/class.auth.php:1.1.1.1.2.11
--- api/class.auth.php:1.1.1.1.2.10 Tue Jul 6 07:23:58 2004
+++ api/class.auth.php Fri Jul 9 14:49:26 2004
@@ -87,43 +87,49 @@
}
}
- function _verify_password($u_passwd,$h_passwd,$type)
+ function _verify_password()
{
- switch ($type)
+ $args = new safe_args();
+ $args->set('u_passwd', REQUIRED, 'any');
+ $args->set('h_passwd', REQUIRED, 'any');
+ $args->set('type', 'MD5', 'any');
+ $args = $args->get(func_get_args());
+
+ switch ($args['type'])
{
case 'SSHA':
- $h_passwd =
base64_decode($h_passwd);
- $original_hash = substr($h_passwd, 0,
20);
- $salt = substr($h_passwd, 20);
- $new_hash = mhash(MHASH_SHA1,
$u_passwd . $salt);
+ $h_passwd =
base64_decode($args['h_passwd']);
+ $original_hash =
substr($args['h_passwd'], 0, 20);
+ $salt =
substr($args['h_passwd'], 20);
+ $new_hash = mhash(MHASH_SHA1,
$args['u_passwd'] . $salt);
if ($original_hash == $new_hash)
{
return true;
}
break;
case 'SHA':
- if (base64_encode(mhash(MHASH_SHA1,
$u_passwd)) == $h_passwd)
+ if (base64_encode(mhash(MHASH_SHA1,
$args['u_passwd'])) == $args['h_passwd'])
{
return true;
}
break;
case 'CRYPT':
- if (crypt($u_passwd,$h_passwd) ==
$h_passwd)
+ if
(crypt($args['u_passwd'],$args['h_passwd']) == $args['h_passwd'])
{
return true;
}
break;
case 'SMD5':
- $salt = substr($h_passwd,0,8);
- if ($salt . md5($salt . $u_passwd) ==
$h_passwd)
+ $salt = substr($args['h_passwd'],0,8);
+ if ($salt . md5($salt .
$args['u_passwd']) == $args['h_passwd'])
{
- return true;
+ return true;
}
break;
// Default type is MD5 no salt
case 'MD5':
default:
- if (md5($u_passwd) == $h_passwd)
+ if (md5($args['u_passwd']) ==
$args['h_passwd'])
{
return true;
}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Phpgroupware-cvs] api/class.auth.php, 1.1.1.1.2.11,
nomail <=