当前位置: 首页>>代码示例>>PHP>>正文


PHP password_is_legacy_hash函数代码示例

本文整理汇总了PHP中password_is_legacy_hash函数的典型用法代码示例。如果您正苦于以下问题:PHP password_is_legacy_hash函数的具体用法?PHP password_is_legacy_hash怎么用?PHP password_is_legacy_hash使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。


在下文中一共展示了password_is_legacy_hash函数的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: validate_internal_user_password

/**
 * Compare password against hash stored in user object to determine if it is valid.
 *
 * If necessary it also updates the stored hash to the current format.
 *
 * @param stdClass $user (Password property may be updated).
 * @param string $password Plain text password.
 * @return bool True if password is valid.
 */
function validate_internal_user_password($user, $password)
{
    global $CFG;
    if ($user->password === AUTH_PASSWORD_NOT_CACHED) {
        // Internal password is not used at all, it can not validate.
        return false;
    }
    // If hash isn't a legacy (md5) hash, validate using the library function.
    if (!password_is_legacy_hash($user->password)) {
        return password_verify($password, $user->password);
    }
    // Otherwise we need to check for a legacy (md5) hash instead. If the hash
    // is valid we can then update it to the new algorithm.
    $sitesalt = isset($CFG->passwordsaltmain) ? $CFG->passwordsaltmain : '';
    $validated = false;
    if ($user->password === md5($password . $sitesalt) or $user->password === md5($password) or $user->password === md5(addslashes($password) . $sitesalt) or $user->password === md5(addslashes($password))) {
        // Note: we are intentionally using the addslashes() here because we
        //       need to accept old password hashes of passwords with magic quotes.
        $validated = true;
    } else {
        for ($i = 1; $i <= 20; $i++) {
            // 20 alternative salts should be enough, right?
            $alt = 'passwordsaltalt' . $i;
            if (!empty($CFG->{$alt})) {
                if ($user->password === md5($password . $CFG->{$alt}) or $user->password === md5(addslashes($password) . $CFG->{$alt})) {
                    $validated = true;
                    break;
                }
            }
        }
    }
    if ($validated) {
        // If the password matches the existing md5 hash, update to the
        // current hash algorithm while we have access to the user's password.
        update_internal_user_password($user, $password);
    }
    return $validated;
}
开发者ID:lucaboesch,项目名称:moodle,代码行数:47,代码来源:moodlelib.php

示例2: test_update_internal_user_password

 /**
  * Test function update_internal_user_password().
  */
 public function test_update_internal_user_password()
 {
     global $DB;
     $this->resetAfterTest();
     $passwords = array('password', '1234', 'changeme', '****');
     foreach ($passwords as $password) {
         $user = $this->getDataGenerator()->create_user(array('auth' => 'manual'));
         update_internal_user_password($user, $password);
         // The user object should have been updated.
         $this->assertTrue(validate_internal_user_password($user, $password));
         // The database field for the user should also have been updated to the
         // same value.
         $this->assertSame($user->password, $DB->get_field('user', 'password', array('id' => $user->id)));
     }
     $user = $this->getDataGenerator()->create_user(array('auth' => 'manual'));
     // Manually set the user's password to the md5 of the string 'password'.
     $DB->set_field('user', 'password', '5f4dcc3b5aa765d61d8327deb882cf99', array('id' => $user->id));
     // Update the password.
     update_internal_user_password($user, 'password');
     if (password_compat_not_supported()) {
         // If bcrypt not properly supported the password should remain as an md5 hash.
         $expected_hash = hash_internal_user_password('password', true);
         $this->assertSame($user->password, $expected_hash);
         $this->assertTrue(password_is_legacy_hash($user->password));
     } else {
         // Otherwise password should have been updated to a bcrypt hash.
         $this->assertFalse(password_is_legacy_hash($user->password));
     }
 }
开发者ID:miguelangelUvirtual,项目名称:uEducon,代码行数:32,代码来源:moodlelib_test.php

示例3: test_update_internal_user_password

 /**
  * Test function update_internal_user_password().
  */
 public function test_update_internal_user_password()
 {
     global $DB;
     $this->resetAfterTest();
     $passwords = array('password', '1234', 'changeme', '****');
     foreach ($passwords as $password) {
         $user = $this->getDataGenerator()->create_user(array('auth' => 'manual'));
         update_internal_user_password($user, $password);
         // The user object should have been updated.
         $this->assertTrue(validate_internal_user_password($user, $password));
         // The database field for the user should also have been updated to the
         // same value.
         $this->assertSame($user->password, $DB->get_field('user', 'password', array('id' => $user->id)));
     }
     $user = $this->getDataGenerator()->create_user(array('auth' => 'manual'));
     // Manually set the user's password to the md5 of the string 'password'.
     $DB->set_field('user', 'password', '5f4dcc3b5aa765d61d8327deb882cf99', array('id' => $user->id));
     $sink = $this->redirectEvents();
     // Update the password.
     update_internal_user_password($user, 'password');
     $events = $sink->get_events();
     $sink->close();
     $event = array_pop($events);
     // Password should have been updated to a bcrypt hash.
     $this->assertFalse(password_is_legacy_hash($user->password));
     // Verify event information.
     $this->assertInstanceOf('\\core\\event\\user_password_updated', $event);
     $this->assertSame($user->id, $event->relateduserid);
     $this->assertEquals(context_user::instance($user->id), $event->get_context());
     $this->assertEventContextNotUsed($event);
     // Verify recovery of property 'auth'.
     unset($user->auth);
     update_internal_user_password($user, 'newpassword');
     $this->assertDebuggingCalled('User record in update_internal_user_password() must include field auth', DEBUG_DEVELOPER);
     $this->assertEquals('manual', $user->auth);
 }
开发者ID:alanaipe2015,项目名称:moodle,代码行数:39,代码来源:moodlelib_test.php


注:本文中的password_is_legacy_hash函数示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。