mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
check for empty salt
This commit is contained in:
parent
e7bc8ae99f
commit
eb4ef623ab
@ -520,18 +520,11 @@ class Member extends DataObject
|
|||||||
|
|
||||||
// If the algorithm or salt is not available, it means we are operating
|
// If the algorithm or salt is not available, it means we are operating
|
||||||
// on legacy account with unhashed password. Do not hash the string.
|
// on legacy account with unhashed password. Do not hash the string.
|
||||||
if (!$this->PasswordEncryption) {
|
if (!$this->PasswordEncryption || !$this->Salt) {
|
||||||
return $string;
|
return $string;
|
||||||
}
|
}
|
||||||
|
|
||||||
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
$e = PasswordEncryptor::create_for_algorithm($this->PasswordEncryption);
|
||||||
|
|
||||||
// If we don't have a salt, don't allow invalid calls to encrypt method
|
|
||||||
if (!$this->Salt) {
|
|
||||||
$this->Salt = $e->salt($string, $this);
|
|
||||||
$this->write();
|
|
||||||
}
|
|
||||||
|
|
||||||
return $e->encrypt($string, $this->Salt);
|
return $e->encrypt($string, $this->Salt);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user