X-Git-Url: https://git.mxchange.org/?p=mailer.git;a=blobdiff_plain;f=inc%2Fclasses%2Fmain%2Ffilter%2Fverifier%2Fclass_AccountPasswordVerifierFilter.php;h=44fdcfc9f574399893f43ec11cc18f04f0cf71ed;hp=eab77bdeaa0fe50df4273a147f1c257aff079313;hb=a2ec310b333194cfc83f0c2d76309fb5afccace6;hpb=558b417d946a1a6cee5278e86b5ed042afb3aad6 diff --git a/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php b/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php index eab77bdeaa..44fdcfc9f5 100644 --- a/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php +++ b/inc/classes/main/filter/verifier/class_AccountPasswordVerifierFilter.php @@ -36,12 +36,16 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { /** * Creates an instance of this filter class * - * @return $filterInstance An instance of this filter class + * @param $controllerInstance An instance of a Controller class + * @return $filterInstance An instance of this filter class */ - public final static function createAccountPasswordVerifierFilter () { + public final static function createAccountPasswordVerifierFilter (Controller $controllerInstance) { // Get a new instance $filterInstance = new AccountPasswordVerifierFilter(); + // Set the controller + $filterInstance->setControllerInstance($controllerInstance); + // Return the instance return $filterInstance; } @@ -53,6 +57,7 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { * @param $responseInstance An instance of a class with an Responseable interface * @return void * @throws AccountPasswordMismatchException If the account password does not match + * @todo Rewrite handling of different password fields */ public function execute (Requestable $requestInstance, Responseable $responseInstance) { // Get password @@ -60,20 +65,28 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { // Is the password still not set? if (is_null($password)) { - // Not found in form so stop the filtering process - $requestInstance->requestIsValid(false); + // Get password from alternative location + $password = $requestInstance->getRequestElement('password'); - // Add a message to the response - $responseInstance->addFatalMessage('pass_old_unset'); + // Is the password still not set? + if (is_null($password)) { + // Not found in form so stop the filtering process + $requestInstance->requestIsValid(false); - // Abort here - return false; - } elseif (empty($password)) { + // Add a message to the response + $responseInstance->addFatalMessage('password_unset'); + + // Abort here + return false; + } // END - if + } // END - if + + if (empty($password)) { // Password is empty $requestInstance->requestIsValid(false); // Add a message to the response - $responseInstance->addFatalMessage('pass_old_empty'); + $responseInstance->addFatalMessage('password_empty'); // Abort here return false; @@ -82,14 +95,14 @@ class AccountPasswordVerifierFilter extends BaseFilter implements Filterable { // Get a user instance $userInstance = Registry::getRegistry()->getInstance('user'); - // Get old hash - $oldHash = $userInstance->getField('pass_hash'); + // Get current hash + $currentHash = $userInstance->getField('pass_hash'); // Get an encryption helper and encrypt the password - $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $oldHash); + $passHash = ObjectFactory::createObjectByConfiguredName('crypto_class')->hashString($password, $currentHash); // Does it match? - if ($oldHash != $passHash) { + if ($currentHash != $passHash) { // Throw an exception here to stop the proccessing throw new AccountPasswordMismatchException($this, BaseUser::EXCEPTION_USER_PASS_MISMATCH); } // END - if