From: Roland Häder Date: Tue, 18 Nov 2008 22:53:49 +0000 (+0000) Subject: Some minor improvements: X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=61594e310050659234826cfdd2a7b242986153b7;p=shipsimu.git Some minor improvements: - Password verifier filter now supports 'pass_old' and 'password' field, we should rewrite this anyway. - Variable renamed from oldHash to currentHash --- diff --git a/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp b/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp index 26b5ece..9f44f71 100644 --- a/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp +++ b/application/ship-simu/templates/de/code/action_ship_simu_login_goverment_startup_help.ctp @@ -6,7 +6,7 @@ $helperInstance = ObjectFactory::createObjectByConfiguredName('web_form_helper', $helperInstance->prefetchValueInstance('user'); // Add main form group -$helperInstance->addFormNote('reality_warning', "WARNUNG: Bitte dieses Formular nicht mit echten Angaben ausfüllen!"); +$helperInstance->addFormNote('reality_warning', "WARNUNG: Bitte dieses Formular nicht mit echten Angaben ausfüllen! (Die Profildaten sollte jedoch echt sein.)"); // Add group for personal data $helperInstance->addFormGroup('persona_data', "Deine persönliche Daten, die für die Beantragung nötig sind:"); diff --git a/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php b/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php index eab77bd..5ea625d 100644 --- a/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php +++ b/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php @@ -53,6 +53,7 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { * @param $responseInstance An instance of a class with an Responseable interface * @return void * @throws AccountPasswordMismatchException If the account password does not match + * @todo Rewrite handling of different password fields */ public function execute (Requestable $requestInstance, Responseable $responseInstance) { // Get password @@ -60,20 +61,28 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { // Is the password still not set? if (is_null($password)) { - // Not found in form so stop the filtering process - $requestInstance->requestIsValid(false); + // Get password from alternative location + $password = $requestInstance->getRequestElement('password'); - // Add a message to the response - $responseInstance->addFatalMessage('pass_old_unset'); + // Is the password still not set? + if (is_null($password)) { + // Not found in form so stop the filtering process + $requestInstance->requestIsValid(false); - // Abort here - return false; - } elseif (empty($password)) { + // Add a message to the response + $responseInstance->addFatalMessage('password_unset'); + + // Abort here + return false; + } // END - if + } // END - if + + if (empty($password)) { // Password is empty $requestInstance->requestIsValid(false); // Add a message to the response - $responseInstance->addFatalMessage('pass_old_empty'); + $responseInstance->addFatalMessage('password_empty'); // Abort here return false; @@ -82,14 +91,14 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { // Get a user instance $userInstance = Registry::getRegistry()->getInstance('user'); - // Get old hash - $oldHash = $userInstance->getField('pass_hash'); + // Get current hash + $currentHash = $userInstance->getField('pass_hash'); // Get an encryption helper and encrypt the password - $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $oldHash); + $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $currentHash); // Does it match? - if ($oldHash != $passHash) { + if ($currentHash != $passHash) { // Throw an exception here to stop the proccessing throw new AccountPasswordMismatchException($this, BaseUser::EXCEPTION_USER_PASS_MISMATCH); } // END - if