tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Added a security fix for Security::check_default_admin()

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@43686 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Hayden Smith 2007-10-23 01:18:39 +00:00
parent 74f154fcda
commit 94c923459d
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
security/Security.php
View File

@ -515,11 +515,18 @@ class Security extends Controller {
*/
public static function check_default_admin($username, $password) {
return (
self::$default_username == $username
&& self::$default_password == $password
self::$default_username === $username
&& self::$default_password === $password
&& self::has_default_admin()
);
}
/**
* Check that the default admin account has been set.
*/
public static function has_default_admin() {
return !empty(self::$default_admin) && !empty(self::$default_password);
}
/**
* Set strict path checking