2008-04-26 08:31:52 +02:00
|
|
|
<?php
|
2016-06-15 06:03:16 +02:00
|
|
|
|
2016-06-23 01:37:22 +02:00
|
|
|
namespace SilverStripe\Security;
|
|
|
|
|
|
|
|
|
2016-06-15 06:03:16 +02:00
|
|
|
use SilverStripe\ORM\DataObject;
|
2016-06-23 01:37:22 +02:00
|
|
|
|
|
|
|
|
2008-04-26 08:31:52 +02:00
|
|
|
/**
|
|
|
|
* Keep track of users' previous passwords, so that we can check that new passwords aren't changed back to old ones.
|
2012-04-12 08:02:46 +02:00
|
|
|
* @package framework
|
2008-06-15 15:33:53 +02:00
|
|
|
* @subpackage security
|
2014-01-26 04:17:17 +01:00
|
|
|
*
|
|
|
|
* @property string Password
|
|
|
|
* @property string Salt
|
|
|
|
* @property string PasswordEncryption
|
|
|
|
*
|
|
|
|
* @property int MemberID ID of the Member
|
|
|
|
*
|
|
|
|
* @method Member Member() Owner of the password
|
2008-04-26 08:31:52 +02:00
|
|
|
*/
|
|
|
|
class MemberPassword extends DataObject {
|
2013-03-21 19:48:54 +01:00
|
|
|
private static $db = array(
|
2012-05-07 04:18:15 +02:00
|
|
|
'Password' => 'Varchar(160)',
|
|
|
|
'Salt' => 'Varchar(50)',
|
|
|
|
'PasswordEncryption' => 'Varchar(50)',
|
2008-04-26 08:31:52 +02:00
|
|
|
);
|
2014-08-15 08:53:05 +02:00
|
|
|
|
2013-03-21 19:48:54 +01:00
|
|
|
private static $has_one = array(
|
2016-06-23 01:37:22 +02:00
|
|
|
'Member' => 'SilverStripe\\Security\\Member'
|
2008-04-26 08:31:52 +02:00
|
|
|
);
|
2016-06-23 01:37:22 +02:00
|
|
|
|
|
|
|
private static $table_name = "MemberPassword";
|
2014-08-15 08:53:05 +02:00
|
|
|
|
2008-04-26 08:31:52 +02:00
|
|
|
/**
|
|
|
|
* Log a password change from the given member.
|
|
|
|
* Call MemberPassword::log($this) from within Member whenever the password is changed.
|
2016-06-23 01:37:22 +02:00
|
|
|
*
|
|
|
|
* @param Member $member
|
2008-04-26 08:31:52 +02:00
|
|
|
*/
|
2012-09-19 12:07:39 +02:00
|
|
|
public static function log($member) {
|
2008-04-26 08:31:52 +02:00
|
|
|
$record = new MemberPassword();
|
|
|
|
$record->MemberID = $member->ID;
|
|
|
|
$record->Password = $member->Password;
|
|
|
|
$record->PasswordEncryption = $member->PasswordEncryption;
|
|
|
|
$record->Salt = $member->Salt;
|
|
|
|
$record->write();
|
|
|
|
}
|
2014-08-15 08:53:05 +02:00
|
|
|
|
2008-04-26 08:31:52 +02:00
|
|
|
/**
|
2009-11-06 03:23:21 +01:00
|
|
|
* Check if the given password is the same as the one stored in this record.
|
|
|
|
* See {@link Member->checkPassword()}.
|
2014-08-15 08:53:05 +02:00
|
|
|
*
|
2009-11-06 03:23:21 +01:00
|
|
|
* @param String $password Cleartext password
|
|
|
|
* @return Boolean
|
2014-08-15 08:53:05 +02:00
|
|
|
*/
|
2012-09-19 12:07:39 +02:00
|
|
|
public function checkPassword($password) {
|
2012-05-07 05:03:53 +02:00
|
|
|
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
|
|
|
return $e->check($this->Password, $password, $this->Salt, $this->Member());
|
2008-04-26 08:31:52 +02:00
|
|
|
}
|
2014-08-15 08:53:05 +02:00
|
|
|
|
|
|
|
|
2012-03-24 04:04:52 +01:00
|
|
|
}
|