Some minor improvements:

- Password verifier filter now supports 'pass_old' and 'password' field, we
  should rewrite this anyway.
- Variable renamed from oldHash to currentHash

diff --git a/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp b/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp
index 26b5ece14ea316a0a312764b2d6a5be396487302..9f44f711528c0f3ddbf54871ce537cd8be856393 100644 (file)
--- a/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp
+++ b/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp
@@ -6,7 +6,7 @@ $helperInstance = ObjectFactory::createObjectByConfiguredName('web_form_helper',
 $helperInstance->prefetchValueInstance('user');
 
 // Add main form group
-$helperInstance->addFormNote('reality_warning', "WARNUNG: Bitte dieses Formular nicht mit echten Angaben ausfüllen!");
+$helperInstance->addFormNote('reality_warning', "WARNUNG: Bitte dieses Formular nicht mit echten Angaben ausfüllen! (Die Profildaten sollte jedoch echt sein.)");
 
 // Add group for personal data
 $helperInstance->addFormGroup('persona_data', "Deine persönliche Daten, die für die Beantragung nötig sind:");

diff --git a/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php b/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php
index eab77bdeaa0fe50df4273a147f1c257aff079313..5ea625d9213e73526fb61e90f9074931632dc12f 100644 (file)
--- a/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php
+++ b/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php
@@ -53,6 +53,7 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable {
         * @param       $responseInstance       An instance of a class with an Responseable interface
         * @return      void
         * @throws      AccountPasswordMismatchException        If the account password does not match
+        * @todo        Rewrite handling of different password fields
         */
        public function execute (Requestable $requestInstance, Responseable $responseInstance) {
                // Get password
@@ -60,20 +61,28 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable {
 
                // Is the password still not set?
                if (is_null($password)) {
-                       // Not found in form so stop the filtering process
-                       $requestInstance->requestIsValid(false);
+                       // Get password from alternative location
+                       $password = $requestInstance->getRequestElement('password');
 
-                       // Add a message to the response
-                       $responseInstance->addFatalMessage('pass_old_unset');
+                       // Is the password still not set?
+                       if (is_null($password)) {
+                               // Not found in form so stop the filtering process
+                               $requestInstance->requestIsValid(false);
 
-                       // Abort here
-                       return false;
-               } elseif (empty($password)) {
+                               // Add a message to the response
+                               $responseInstance->addFatalMessage('password_unset');
+
+                               // Abort here
+                               return false;
+                       } // END - if
+               } // END - if
+
+               if (empty($password)) {
                        // Password is empty
                        $requestInstance->requestIsValid(false);
 
                        // Add a message to the response
-                       $responseInstance->addFatalMessage('pass_old_empty');
+                       $responseInstance->addFatalMessage('password_empty');
 
                        // Abort here
                        return false;
@@ -82,14 +91,14 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable {
                // Get a user instance
                $userInstance = Registry::getRegistry()->getInstance('user');
 
-               // Get old hash
-               $oldHash = $userInstance->getField('pass_hash');
+               // Get current hash
+               $currentHash = $userInstance->getField('pass_hash');
 
                // Get an encryption helper and encrypt the password
-               $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $oldHash);
+               $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $currentHash);
 
                // Does it match?
-               if ($oldHash != $passHash) {
+               if ($currentHash != $passHash) {
                        // Throw an exception here to stop the proccessing
                        throw new AccountPasswordMismatchException($this, BaseUser::EXCEPTION_USER_PASS_MISMATCH);
                } // END - if