|
TYPO3 API
SVNRelease
|
00001 <?php 00002 /*************************************************************** 00003 * Copyright notice 00004 * 00005 * (c) Marcus Krause (marcus#exp2009@t3sec.info) 00006 * (c) Steffen Ritter (info@rs-websystems.de) 00007 * All rights reserved 00008 * 00009 * This script is part of the TYPO3 project. The TYPO3 project is 00010 * free software; you can redistribute it and/or modify 00011 * it under the terms of the GNU General Public License as published by 00012 * the Free Software Foundation; either version 2 of the License, or 00013 * (at your option) any later version. 00014 * 00015 * The GNU General Public License can be found at 00016 * http://www.gnu.org/copyleft/gpl.html. 00017 * A copy is found in the textfile GPL.txt and important notices to the license 00018 * from the author is found in LICENSE.txt distributed with these scripts. 00019 * 00020 * 00021 * This script is distributed in the hope that it will be useful, 00022 * but WITHOUT ANY WARRANTY; without even the implied warranty of 00023 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 00024 * GNU General Public License for more details. 00025 * 00026 * This copyright notice MUST APPEAR in all copies of the script! 00027 ***************************************************************/ 00028 00029 /** 00030 * Class implementing salted evaluation methods. 00031 * 00032 * @author Marcus Krause <marcus#exp2009@t3sec.info> 00033 * @author Steffen Ritter <info@rs-websystems.de> 00034 * 00035 * @since 2009-06-14 00036 * @package TYPO3 00037 * @subpackage tx_saltedpasswords 00038 */ 00039 class tx_saltedpasswords_eval { 00040 /** 00041 * Keeps TYPO3 mode. 00042 * 00043 * Either 'FE' or 'BE'. 00044 * 00045 * @var string 00046 */ 00047 protected $mode = NULL; 00048 00049 /** 00050 * This function just return the field value as it is. No transforming, 00051 * hashing will be done on server-side. 00052 * 00053 * @return JavaScript code for evaluating the 00054 */ 00055 function returnFieldJS() { 00056 return 'return value;'; 00057 } 00058 00059 /** 00060 * Function uses Portable PHP Hashing Framework to create a proper password string if needed 00061 * 00062 * @param mixed $value: The value that has to be checked. 00063 * @param string $is_in: Is-In String 00064 * @param integer $set: Determines if the field can be set (value correct) or not, e.g. if input is required but the value is empty, then $set should be set to FALSE. (PASSED BY REFERENCE!) 00065 * @return The new value of the field 00066 */ 00067 function evaluateFieldValue($value, $is_in, &$set) { 00068 $isEnabled = $this->mode ? tx_saltedpasswords_div::isUsageEnabled($this->mode) : tx_saltedpasswords_div::isUsageEnabled(); 00069 00070 if ($isEnabled) { 00071 $set = FALSE; 00072 $isMD5 = preg_match('/[0-9abcdef]{32,32}/', $value); 00073 $isSaltedHash = t3lib_div::inList('$1$,$2$,$2a,$P$', substr($value, 0, 3)); 00074 00075 $this->objInstanceSaltedPW = tx_saltedpasswords_salts_factory::getSaltingInstance(NULL, $this->mode); 00076 00077 if ($isMD5) { 00078 $set = TRUE; 00079 $value = 'M' . $this->objInstanceSaltedPW->getHashedPassword($value); 00080 } else if (!$isSaltedHash) { 00081 $set = TRUE; 00082 $value = $this->objInstanceSaltedPW->getHashedPassword($value); 00083 } 00084 } 00085 00086 return $value; 00087 } 00088 } 00089 00090 if (defined('TYPO3_MODE') && isset($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/saltedpasswords/classes/eval/class.tx_saltedpasswords_eval.php'])) { 00091 include_once($GLOBALS['TYPO3_CONF_VARS'][TYPO3_MODE]['XCLASS']['ext/saltedpasswords/classes/eval/class.tx_saltedpasswords_eval.php']); 00092 } 00093 ?>
1.8.0