tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

FIX Order of conditionals for getting default admin

Browse Source
This commit is contained in:
Daniel Hensby 2017-06-12 10:37:24 +01:00
parent 7cf7a7094c
commit a5c84b12ab
No known key found for this signature in database
GPG Key ID: B00D1E9767F0B06E
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
security/MemberAuthenticator.php
View File

@ -47,11 +47,11 @@ class MemberAuthenticator extends Authenticator {
}
// Check default login (see Security::setDefaultAdmin())
$asDefaultAdmin = $email === Security::default_admin_username();
$asDefaultAdmin = Security::has_default_admin() && $email === Security::default_admin_username();
if($asDefaultAdmin) {
// If logging is as default admin, ensure record is setup correctly
$member = Member::default_admin();
$success = !$member->isLockedOut() && Security::check_default_admin($email, $data['Password']);
$success = Security::check_default_admin($email, $data['Password']) && $member && !$member->isLockedOut();
//protect against failed login
if($success) {
return $member;

4
security/Security.php
View File

@ -873,9 +873,9 @@ class Security extends Controller implements TemplateGlobalProvider {
*/
public static function check_default_admin($username, $password) {
return (
self::$default_username === $username
self::has_default_admin()
&& self::$default_username === $username
&& self::$default_password === $password
&& self::has_default_admin()
);
}