Verzeichnisstruktur phpBB-3.3.15
- Veröffentlicht
- 28.08.2024
So funktioniert es
|
|
Auf das letzte Element klicken. Dies geht jeweils ein Schritt zurück |
Auf das Icon klicken, dies öffnet das Verzeichnis. Nochmal klicken schließt das Verzeichnis. |
|
|
(Beispiel Datei-Icons)
|
Auf das Icon klicken um den Quellcode anzuzeigen |
md5_phpbb2.php
001 <?php
002 /**
003 *
004 * This file is part of the phpBB Forum Software package.
005 *
006 * @copyright (c) phpBB Limited <https://www.phpbb.com>
007 * @license GNU General Public License, version 2 (GPL-2.0)
008 *
009 * For full copyright and license information, please see
010 * the docs/CREDITS.txt file.
011 *
012 */
013
014 namespace phpbb\passwords\driver;
015
016 class md5_phpbb2 extends base
017 {
018 const PREFIX = '$md5_phpbb2$';
019
020 /** @var \phpbb\request\request phpBB request object */
021 protected $request;
022
023 /** @var \phpbb\passwords\driver\salted_md5 */
024 protected $salted_md5;
025
026 /** @var \phpbb\passwords\driver\helper */
027 protected $helper;
028
029 /** @var string phpBB root path */
030 protected $phpbb_root_path;
031
032 /** @var string php file extension */
033 protected $php_ext;
034
035 /**
036 * Constructor of passwords driver object
037 *
038 * @param \phpbb\request\request $request phpBB request object
039 * @param \phpbb\passwords\driver\salted_md5 $salted_md5 Salted md5 driver
040 * @param \phpbb\passwords\driver\helper $helper Driver helper
041 * @param string $phpbb_root_path phpBB root path
042 * @param string $php_ext PHP file extension
043 */
044 public function __construct($request, salted_md5 $salted_md5, helper $helper, $phpbb_root_path, $php_ext)
045 {
046 $this->request = $request;
047 $this->salted_md5 = $salted_md5;
048 $this->helper = $helper;
049 $this->phpbb_root_path = $phpbb_root_path;
050 $this->php_ext = $php_ext;
051 }
052
053 /**
054 * {@inheritdoc}
055 */
056 public function get_prefix()
057 {
058 return self::PREFIX;
059 }
060
061 /**
062 * {@inheritdoc}
063 */
064 public function is_legacy()
065 {
066 return true;
067 }
068
069 /**
070 * {@inheritdoc}
071 */
072 public function hash($password, $user_row = '')
073 {
074 // Do not support hashing
075 return false;
076 }
077
078 /**
079 * {@inheritdoc}
080 */
081 public function check($password, $hash, $user_row = array())
082 {
083 if (strlen($hash) != 32 && strlen($hash) != 34)
084 {
085 return false;
086 }
087
088 // enable super globals to get literal value
089 // this is needed to prevent unicode normalization
090 $super_globals_disabled = $this->request->super_globals_disabled();
091 if ($super_globals_disabled)
092 {
093 $this->request->enable_super_globals();
094 }
095
096 // in phpBB2 passwords were used exactly as they were sent, with addslashes applied
097 $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : '';
098 $password_old_format = addslashes($password_old_format);
099 $password_new_format = $this->request->variable('password', '', true);
100
101 if ($super_globals_disabled)
102 {
103 $this->request->disable_super_globals();
104 }
105
106 if ($password == $password_new_format)
107 {
108 if (!function_exists('utf8_to_cp1252'))
109 {
110 include($this->phpbb_root_path . 'includes/utf/data/recode_basic.' . $this->php_ext);
111 }
112
113 if ($this->helper->string_compare(md5($password_old_format), $hash) || $this->helper->string_compare(md5(\utf8_to_cp1252($password_old_format)), $hash)
114 || $this->salted_md5->check(md5($password_old_format), $hash) === true
115 || $this->salted_md5->check(md5(\utf8_to_cp1252($password_old_format)), $hash) === true)
116 {
117 return true;
118 }
119 }
120
121 return false;
122 }
123 }
124