当前位置: 首页>>代码示例>>PHP>>正文


PHP UserUtil::getPasswordHashMethodCode方法代码示例

本文整理汇总了PHP中UserUtil::getPasswordHashMethodCode方法的典型用法代码示例。如果您正苦于以下问题:PHP UserUtil::getPasswordHashMethodCode方法的具体用法?PHP UserUtil::getPasswordHashMethodCode怎么用?PHP UserUtil::getPasswordHashMethodCode使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在UserUtil的用法示例。


在下文中一共展示了UserUtil::getPasswordHashMethodCode方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: updateAdmin

 /**
  * This function inserts the admin's user data
  */
 private function updateAdmin()
 {
     $em = $this->container->get('doctrine.entitymanager');
     $params = $this->decodeParameters($this->yamlManager->getParameters());
     // create the password hash
     $password = \UserUtil::getHashedPassword($params['password'], \UserUtil::getPasswordHashMethodCode(UsersConstant::DEFAULT_HASH_METHOD));
     // prepare the data
     $username = mb_strtolower($params['username']);
     $nowUTC = new \DateTime(null, new \DateTimeZone('UTC'));
     $nowUTCStr = $nowUTC->format(UsersConstant::DATETIME_FORMAT);
     /** @var \Zikula\Module\UsersModule\Entity\UserEntity $entity */
     $entity = $em->find('ZikulaUsersModule:UserEntity', 2);
     $entity->setUname($username);
     $entity->setEmail($params['email']);
     $entity->setPass($password);
     $entity->setActivated(1);
     $entity->setUser_Regdate($nowUTCStr);
     $entity->setLastlogin($nowUTCStr);
     $em->persist($entity);
     $em->flush();
     return true;
 }
开发者ID:rmaiwald,项目名称:core,代码行数:25,代码来源:AjaxInstallController.php

示例2: checkPassword


//.........这里部分代码省略.........
        $uid = ModUtil::apiFunc($this->name, 'Authentication', 'getUidForAuthenticationInfo', $getUidArgs, 'Zikula_Api_AbstractAuthentication');

        if ($uid) {
            if (!isset($authenticationInfo['pass']) || !is_string($authenticationInfo['pass'])
                    || empty($authenticationInfo['pass'])) {
                // The user did not specify a password, or the one specified is invalid.
                throw new Zikula_Exception_Fatal($this->__('Error! A password must be provided.'));
            }

            // For a custom authenticationModule, we'd map the authenticationInfo to a uid above, and then execute the custom
            // authentication process here. On success the uid would be returned, otherwise false is returned. Note that
            // any "log in" into the Zikula site is not done here. This is simply verification that the authenticationInfo,
            // including the password, is valid as a unit.

            $userObj = UserUtil::getVars($uid, true);
            if (!$userObj) {
                // Must be a registration. Acting as an authenticationModule, we should not care at this point about the user's
                // account status. We will deal with the account status in a moment.
                $userObj = UserUtil::getVars($uid, true, '', true);

                if (!$userObj) {
                    // Neither an account nor a pending registration request. This should really not happen since we have a uid.
                    throw new Zikula_Exception_Fatal($this->__f('A user id was located, but the user account record could not be retrieved in a call to %1$s.', array(__METHOD__)));
                }
            }

            // Check for an empty password, or the special marker indicating that the account record does not
            // authenticate with a uname/password (or email/password, depending on the 'loginviaoption' setting) from
            // the Users module. An empty password can be created when an administrator creates a user registration
            // record pending e-mail verification and does not set a password for the user (the user will set it
            // upon verifying his email address). The special marker indicating that the account does not authenticate
            // with the Users module is used when a user registers a new account with the system using an authentication
            // method other than uname/pass or email/pass. In both cases, authentication automatically fails.
            if (!empty($userObj['pass']) && ($userObj['pass'] != Users_Constant::PWD_NO_USERS_AUTHENTICATION)) {
                // The following check for non-salted passwords and the old 'hash_method' field is to allow the admin to log in
                // during an upgrade from 1.2.
                // *** IMPORTANT ***
                // This needs to be kept for any version that allows an upgrade from Zikula 1.2.X.
                $methodSaltDelimPosition = strpos($userObj['pass'], Users_Constant::SALT_DELIM);
                $saltPassDelimPosition = ($methodSaltDelimPosition === false) ? false : strpos($userObj['pass'], Users_Constant::SALT_DELIM, ($methodSaltDelimPosition + 1));
                if ($saltPassDelimPosition === false) {
                    // Old style unsalted password with hash_method in separate field
                    // If this release version of Zikula Users Module allows upgrade from 1.2.X, then this part must be
                    // kept. If this release version of Zikula Users Module DOES NOT support upgrade from 1.2.X then this
                    // is the part that can go away.
                    if (!isset($userObj['hash_method'])) {
                        // Something is horribly wrong. The password on the user account record does not look like the
                        // new style of hashing, and yet the old-style hash method field is nowhere to be found.
                        throw new Zikula_Exception_Fatal($this->__('Invalid account password state.'));
                    }
                    $currentPasswordHashed = $userObj['hash_method'] . '$$' . $userObj['pass'];
                } else {
                    // New style salted password including hash method code.
                    // If this release version of Zikula Users module does not allow upgrade from 1.2.X, then this
                    // is the part to keep.
                    $currentPasswordHashed = $userObj['pass'];
                }
                // *** IMPORTANT ***
                // End of old-style versus new-style hashing handling. When the possiblity to upgrade from 1.2.X is
                // removed from the released version of Zikula Users Module, then delete this section, and replace
                // $currentPasswordHashed with $userObj['pass'] in the call to passwordsMatch below.

                if (UserUtil::passwordsMatch($authenticationInfo['pass'], $currentPasswordHashed)) {
                    // Password in $authenticationInfo['pass'] is good at this point.

                    // *** IMPORTANT ***
                    // Again, this section is for converting old-style hashing to new-style hashing. Same as noted
                    // above applies to this section.
                    // See if we need to convert the password hashing to the new configuration.
                    if (version_compare($this->modinfo['version'], '2.0.0') >= 0) {
                        // Check stored hash matches the current system type, if not convert it--but only if the module version is sufficient.
                        // Note: this is purely specific to the Users module authentication. A custom module might do something similar if it
                        // changed the way it stored some piece of data between versions, but in general this would be uncommon.
                        list($currentPasswordHashCode, $currentPasswordSaltStr, $currentPasswordHashStr) = explode(Users_Constant::SALT_DELIM, $currentPasswordHashed);
                        $systemHashMethodCode = UserUtil::getPasswordHashMethodCode($this->getVar('hash_method', 'sha256'));
                        if (($systemHashMethodCode != $currentPasswordHashCode) || empty($currentPasswordSaltStr)) {
                            if (!UserUtil::setPassword($authenticationInfo['pass'], $uid)) {
                                LogUtil::log($this->__('Internal Error! Unable to update the user\'s password with the new hashing method and/or salt.'), 'CORE');
                            }
                        }
                    }
                    // *** IMPORTANT ***
                    // End of old-style to new-style hasing conversion.

                    // The password is good, so the password is authenticated.
                    $passwordAuthenticates = true;
                }
            }
        }

        if (!$passwordAuthenticates && !$this->request->getSession()->hasMessages(Zikula_Session::MESSAGE_ERROR)) {
            if ($authenticationMethod['method'] == 'email') {
                $this->registerError($this->__('Sorry! The e-mail address or password you entered was incorrect.'));
            } else {
                $this->registerError($this->__('Sorry! The user name or password you entered was incorrect.'));
            }
        }

        return $passwordAuthenticates;
    }
开发者ID:projectesIF,项目名称:Sirius,代码行数:101,代码来源:Authentication.php


注:本文中的UserUtil::getPasswordHashMethodCode方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。