From bc2fc7f2dbf18d92ad6ef29c8173ff26b5213608 Mon Sep 17 00:00:00 2001 From: Damian Mooyman Date: Thu, 1 Feb 2018 16:24:31 +1300 Subject: [PATCH] BUG Prevent invalid members being written to database if validation_enabled is false --- src/Security/Member.php | 5 +++++ src/Security/PasswordEncryptor.php | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/Security/Member.php b/src/Security/Member.php index 40168e1e8..c99d969f1 100644 --- a/src/Security/Member.php +++ b/src/Security/Member.php @@ -1654,6 +1654,11 @@ class Member extends DataObject */ public function validate() { + // If validation is disabled, skip this step + if (!DataObject::config()->uninherited('validation_enabled')) { + return ValidationResult::create(); + } + $valid = parent::validate(); $validator = static::password_validator(); diff --git a/src/Security/PasswordEncryptor.php b/src/Security/PasswordEncryptor.php index dc2bffe51..b2a8a27cc 100644 --- a/src/Security/PasswordEncryptor.php +++ b/src/Security/PasswordEncryptor.php @@ -28,7 +28,7 @@ abstract class PasswordEncryptor */ public static function get_encryptors() { - return Config::inst()->get('SilverStripe\\Security\\PasswordEncryptor', 'encryptors'); + return Config::inst()->get(self::class, 'encryptors'); } /**