mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 12:05:37 +00:00
Changed $username/$password to $default_username/$default_password,
respecting Security::setDefaultAdmin() in MemberAuthenticator? (merged from branches/gsoc) git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@42156 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
2271dc5d4a
commit
6205cff4f1
@ -28,13 +28,19 @@ class MemberAuthenticator extends Authenticator {
|
|||||||
public static function authenticate(array $RAW_data, Form $form = null) {
|
public static function authenticate(array $RAW_data, Form $form = null) {
|
||||||
$SQL_user = Convert::raw2sql($RAW_data['Email']);
|
$SQL_user = Convert::raw2sql($RAW_data['Email']);
|
||||||
|
|
||||||
$member = DataObject::get_one("Member",
|
// Default login (see {@setDetaultAdmin()})
|
||||||
"Email = '$SQL_user' AND Password IS NOT NULL");
|
$defaultUsername = Security::get_default_username();
|
||||||
|
$defaultPassword = Security::get_default_password();
|
||||||
if($member && ($member->checkPassword($RAW_data['Password']) == false)) {
|
if($RAW_data['Email'] == $defaultUsername
|
||||||
$member = null;
|
&& $RAW_data['Password'] == $defaultPassword
|
||||||
}
|
&& !empty($defaultUsername)
|
||||||
|
&& !empty($defaultPassword)
|
||||||
|
) {
|
||||||
|
$member = Security::findAnAdministrator();
|
||||||
|
} else {
|
||||||
|
$member = DataObject::get_one("Member", "Email = '$SQL_user' AND Password IS NOT NULL");
|
||||||
|
if($member && ($member->checkPassword($RAW_data['Password']) == false)) $member = null;
|
||||||
|
}
|
||||||
|
|
||||||
if($member) {
|
if($member) {
|
||||||
Session::clear("BackURL");
|
Session::clear("BackURL");
|
||||||
|
@ -6,14 +6,14 @@
|
|||||||
class Security extends Controller {
|
class Security extends Controller {
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var $username String Only used in dev-mode by setDefaultAdmin()
|
* @var $default_username String Only used in dev-mode by setDefaultAdmin()
|
||||||
*/
|
*/
|
||||||
protected static $username;
|
protected static $default_username;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @var $password String Only used in dev-mode by setDefaultAdmin()
|
* @var $default_password String Only used in dev-mode by setDefaultAdmin()
|
||||||
*/
|
*/
|
||||||
protected static $password;
|
protected static $default_password;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If set to TRUE to prevent sharing of the session across several sites
|
* If set to TRUE to prevent sharing of the session across several sites
|
||||||
@ -335,6 +335,25 @@ class Security extends Controller {
|
|||||||
$autoLoginHash = urldecode($autoLoginHash);
|
$autoLoginHash = urldecode($autoLoginHash);
|
||||||
return self::Link('changepassword') . "?h=$autoLoginHash";
|
return self::Link('changepassword') . "?h=$autoLoginHash";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a username set by setDefaultAdmin()
|
||||||
|
*
|
||||||
|
* @return String
|
||||||
|
*/
|
||||||
|
public static function get_default_username() {
|
||||||
|
return self::$default_username;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns a password set by setDefaultAdmin()
|
||||||
|
*
|
||||||
|
* @return String
|
||||||
|
*/
|
||||||
|
public static function get_default_password() {
|
||||||
|
return self::$default_password;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Show the "change password" page
|
* Show the "change password" page
|
||||||
@ -407,8 +426,8 @@ class Security extends Controller {
|
|||||||
$SQL_password = Convert::raw2sql($RAW_password);
|
$SQL_password = Convert::raw2sql($RAW_password);
|
||||||
|
|
||||||
// Default login (see {@setDetaultAdmin()})
|
// Default login (see {@setDetaultAdmin()})
|
||||||
if(($RAW_email == self::$username) && ($RAW_password == self::$password)
|
if(($RAW_email == self::$default_username) && ($RAW_password == self::$default_password)
|
||||||
&& !empty(self::$username) && !empty(self::$password)) {
|
&& !empty(self::$default_username) && !empty(self::$default_password)) {
|
||||||
$member = self::findAnAdministrator();
|
$member = self::findAnAdministrator();
|
||||||
} else {
|
} else {
|
||||||
$member = DataObject::get_one("Member",
|
$member = DataObject::get_one("Member",
|
||||||
@ -468,11 +487,11 @@ class Security extends Controller {
|
|||||||
* @param $password String (Cleartext)
|
* @param $password String (Cleartext)
|
||||||
*/
|
*/
|
||||||
public static function setDefaultAdmin($username, $password) {
|
public static function setDefaultAdmin($username, $password) {
|
||||||
if( self::$username || self::$password )
|
// don't overwrite if already set
|
||||||
return;
|
if(self::$default_username || self::$default_password) return false;
|
||||||
|
|
||||||
self::$username = $username;
|
self::$default_username = $username;
|
||||||
self::$password = $password;
|
self::$default_password = $password;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user