SilverStripe CMS

General
Development
Edit

Commit Details

Avatar

Repository http://svn.silverstripe.com/open/modules/sapphire/trunk /open/modules/sapphire/trunk
by chillu (Using name ‘ischommer’) on 2009-11-06 02:23 (25 days ago)

ENHANCEMENT Pluggable password encryption through PasswordEncryptor class (#3665)
BUGFIX Fixed password hashing design flaw in Security::encrypt_password(). Removing base_convert() packing with unsafe precision, but retaining backwards compatibilty through pluggable encryptors: PasswordEncryptor_LegacyPHPHash (#3004)
API CHANGE Deprecated Security::encrypt_passwords()
API CHANGE Deprecated Security::$useSalt, use custom PasswordEncryptor implementation
API CHANGE Removed Security::get_encryption_algorithms()
API CHANGE MySQL-specific encyrption types 'password' and 'old_password' are no longer included by default. Use PasswordEncryptor_MySQLPassword and PasswordEncryptor_MySQLOldPassword
API CHANGE Built-in number of hashing algorithms has been reduced to 'none', 'md5', 'sha1'. Use PasswordEncryptor::register() and PasswordEncryptor_PHPHash to re-add others.

Language Totals

  Language Code Added Code Removed Comments Added Comments Removed Blanks Added Blanks Removed
  PHP 232 82 180 66 44 19
  HTML 4 0 0 0 0 0

Files Changed

[7 total ]
File Language Code Added Code Removed Comments Added Comments Removed Blanks Added Blanks Removed
_config.php
  PHP 5 0 0 0 0 0
  HTML 0 0 0 0 0 0
security/MemberPassword.php
  PHP 7 2 5 1 0 0
  HTML 0 0 0 0 0 0
security/Member.php
  PHP 19 12 14 13 2 0
  HTML 0 0 0 0 0 0
security/PasswordEncryptor.php
  PHP 92 0 119 0 26 0
  HTML 2 0 0 0 0 0
security/Security.php
  PHP 15 67 32 52 0 19
  HTML 0 0 0 0 0 0
tests/security/MemberTest.php
  PHP 34 1 0 0 7 0
  HTML 0 0 0 0 0 0
tests/security/PasswordEncryptorTest.php
  PHP 60 0 10 0 9 0
  HTML 2 0 0 0 0 0