// Generate a hash for extra-security for all passwords
function generateHash ($plainText, $salt = '', $hash = true) {
+ // Debug output
+ //* DEBUG: */ outputHtml('plainText=' . $plainText . ',salt=' . $salt . ',hash='.intval($hash).'<br />');
+
// Is the required extension 'sql_patches' there and a salt is not given?
// 0123 4 43 3 4 432 2 3 32 2 3 3210
if ((((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) && (empty($salt))) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5')))) {
//* DEBUG: */ outputHtml($salt.' ('.strlen($salt).')<br />');
} else {
// Use given salt
- //* DEBUG: */ print 'salt=' . $salt . '<br />';
+ //* DEBUG: */ outputHtml('salt=' . $salt . '<br />');
$salt = substr($salt, 0, getConfig('salt_length'));
- //* DEBUG: */ print 'salt=' . $salt . '(' . strlen($salt) . '/' . getConfig('salt_length') . ')<br />';
+ //* DEBUG: */ outputHtml('salt=' . $salt . '(' . strlen($salt) . '/' . getConfig('salt_length') . ')<br />');
// Sanity check on salt
if (strlen($salt) != getConfig('salt_length')) {
} // END - if
}
+ // Generate final hash (for debug output)
+ $finalHash = $salt . sha1($salt . $plainText);
+
+ // Debug output
+ //* DEBUG: */ outputHtml('finalHash=' . $finalHash);
+
// Return hash
- return $salt.sha1($salt . $plainText);
+ return $finalHash;
}
// Scramble a string
$ret = $passHash;
// Is a secret key and master salt already initialized?
+ //* DEBUG: */ outputHtml(__FUNCTION__.':'.intval(isExtensionInstalled('sql_patches')).'/'.intval(isConfigEntrySet('_PRIME')).'/'.intval(isConfigEntrySet('secret_key')).'/'.intval(isConfigEntrySet('master_salt')).'<br />');
if ((isExtensionInstalled('sql_patches')) && (isConfigEntrySet('_PRIME')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
// Only calculate when the secret key is generated
- if (strlen($passHash) != getConfig('secret_key')) {
+ //* DEBUG: */ outputHtml(__FUNCTION__.':'.strlen($passHash).'/'.strlen(getConfig('secret_key')).'<br />');
+ if ((strlen($passHash) != 49) || (strlen(getConfig('secret_key')) != 40)) {
// Both keys must have same length so return unencrypted
+ logDebugMessage(__FUNCTION__, __LINE__, strlen($passHash).'!=49/'.strlen(getConfig('secret_key')).'!=40');
return $ret;
} // END - if
$newHash = ''; $start = 9;
//* DEBUG: */ outputHtml('passHash=' . $passHash . '(' . strlen($passHash) . ')<br />');
for ($idx = 0; $idx < 20; $idx++) {
- $part1 = hexdec(substr($passHash, ($idx * 2), 2));
+ $part1 = hexdec(substr($passHash, ($idx * 2) + (strlen($passHash) - strlen(getConfig('secret_key'))), 2));
$part2 = hexdec(substr(getConfig('secret_key'), $start, 2));
//* DEBUG: */ outputHtml('part1='.$part1.'/part2='.$part2.'<br />');
$mod = dechex($idx);
$newHash .= $mod;
} // END - for
- //* DEBUG: */ print($passHash . '<br />' . $newHash . ' (' . strlen($newHash) . ')<br />');
+ //* DEBUG: */ outputHtml($passHash . '<br />' . $newHash . ' (' . strlen($newHash) . ')<br />');
$ret = generateHash($newHash, getConfig('master_salt'));
- //* DEBUG: */ print('ret=' . $ret . '<br />');
+ //* DEBUG: */ outputHtml('ret=' . $ret . '<br />');
} // END - if
// Return result
}
// Rebuild cache
-function rebuildCacheFile ($cache, $inc = '', $force = false) {
+function rebuildCache ($cache, $inc = '', $force = false) {
// Debug message
/* DEBUG: */ logDebugMessage(__FUNCTION__, __LINE__, sprintf("cache=%s, inc=%s, force=%s", $cache, $inc, intval($force)));