tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-06-30 00:19:25 +02:00
Code Issues Projects Releases Wiki Activity

BUG First error should take precedence here. No further checks needed.

Browse Source
This commit is contained in:
Mateusz Uzdowski 2013-07-18 18:01:53 +12:00
parent 2ca089532f
commit d4a6f7304e
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
security/Member.php
View File

@ -219,6 +219,9 @@ class Member extends DataObject implements TemplateGlobalProvider {
public function checkPassword($password) {
$result = $this->canLogIn();
// Short-circuit the result upon failure, no further checks needed.
if (!$result->valid()) return $result;
if(empty($this->Password) && $this->exists()) {
$result->error(_t('Member.NoPassword','There is no password on this member.'));
return $result;
@ -442,7 +445,9 @@ class Member extends DataObject implements TemplateGlobalProvider {
self::session_regenerate_id();
Session::set("loggedInAs", $member->ID);
// This lets apache rules detect whether the user has logged in
if(Member::config()->login_marker_cookie) Cookie::set(Member::config()->login_marker_cookie, 1, 0, null, null, false, true);
if(Member::config()->login_marker_cookie) {
Cookie::set(Member::config()->login_marker_cookie, 1, 0, null, null, false, true);
}
$generator = new RandomGenerator();
$token = $generator->randomToken('sha1');
@ -730,7 +735,8 @@ class Member extends DataObject implements TemplateGlobalProvider {
$encryption_details = Security::encrypt_password(
$this->Password, // this is assumed to be cleartext
$this->Salt,
($this->PasswordEncryption) ? $this->PasswordEncryption : Security::config()->password_encryption_algorithm,
($this->PasswordEncryption) ?
$this->PasswordEncryption : Security::config()->password_encryption_algorithm,
$this
);