}
// Generate a hash for extra-security for all passwords
-function generateHash ($plainText, $salt = '') {
+function generateHash ($plainText, $salt = '', $hash = true) {
// Is the required extension 'sql_patches' there and a salt is not given?
if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5'))) && (empty($salt))) {
// Extension sql_patches is missing/outdated so we hash the plain text with MD5
- return md5($plainText);
+ if ($hash === true) {
+ // Is plain password
+ return md5($plainText);
+ } else {
+ // Is already a hash
+ return $plainText;
+ }
} // END - if
// Do we miss an arry element here?
$ret = $passHash;
// Is a secret key and master salt already initialized?
- if ((isExtensionInstalled('sql_patches')) && (isExtensionInstalledAndNewer('other', '0.2.5')) && (isConfigEntrySet('_PRIME')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
+ if ((isExtensionInstalled('sql_patches')) && (isConfigEntrySet('_PRIME')) && (isConfigEntrySet('secret_key')) && (isConfigEntrySet('master_salt'))) {
// Only calculate when the secret key is generated
+ if (strlen($passHash) != getConfig('secret_key')) {
+ // Both keys must have same length so return unencrypted
+ return $ret;
+ } // END - if
+
$newHash = ''; $start = 9;
- for ($idx = '0'; $idx < 10; $idx++) {
- $part1 = hexdec(substr($passHash, $start, 4));
- $part2 = hexdec(substr(getConfig('secret_key'), $start, 4));
+ //* DEBUG: */ outputHtml('passHash=' . $passHash . '(' . strlen($passHash) . ')<br />');
+ for ($idx = 0; $idx < 20; $idx++) {
+ $part1 = hexdec(substr($passHash, ($idx * 2), 2));
+ $part2 = hexdec(substr(getConfig('secret_key'), $start, 2));
+ //* DEBUG: */ outputHtml('part1='.$part1.'/part2='.$part2.'<br />');
$mod = dechex($idx);
if ($part1 > $part2) {
$mod = dechex(sqrt(($part1 - $part2) * getConfig('_PRIME') / pi()));
} elseif ($part2 > $part1) {
$mod = dechex(sqrt(($part2 - $part1) * getConfig('_PRIME') / pi()));
}
- $mod = substr($mod, 0, 4);
+ $mod = substr($mod, 0, 2);
//* DEBUG: */ outputHtml('part1='.$part1.'/part2='.$part2.'/mod=' . $mod . '('.strlen($mod).')<br />');
- $mod = str_repeat(0, (4 - strlen($mod))) . $mod;
- //* DEBUG: */ outputHtml('*' . $start . '=' . $mod . '*<br />');
- $start += 4;
+ $mod = str_repeat(0, (2 - strlen($mod))) . $mod;
+ //* DEBUG: */ outputHtml('mod(' . ($idx * 2) . ')=' . $mod . '*<br />');
+ $start += 2;
$newHash .= $mod;
} // END - for
- //* DEBUG: */ print($passHash.'<br />' . $newHash." (".strlen($newHash).')<br />');
+ //* DEBUG: */ print($passHash . '<br />' . $newHash . ' (' . strlen($newHash) . ')<br />');
$ret = generateHash($newHash, getConfig('master_salt'));
- //* DEBUG: */ print('ret='.$ret.'<br />');
- } else {
- // Hash it simple
- //* DEBUG: */ outputHtml("--" . $passHash."--<br />");
- $ret = md5($passHash);
- //* DEBUG: */ outputHtml("++" . $ret."++<br />");
- }
+ //* DEBUG: */ print('ret=' . $ret . '<br />');
+ } // END - if
// Return result
return $ret;
// Add them all together. This is maybe to simple
foreach (array('page_header', 'output', 'page_footer') as $pagePart) {
// Add page part if set
- if (isset($GLOBALS[$pagePart]])) $OUT .= $GLOBALS[$pagePart];
+ if (isset($GLOBALS[$pagePart])) $OUT .= $GLOBALS[$pagePart];
} // END - foreach
// Transfer $OUT to 'output'