diff options
| author | Tristan Zur <tzur@ccwn.org> | 2012-05-16 17:05:29 +0200 |
|---|---|---|
| committer | Tristan Zur <tzur@ccwn.org> | 2012-05-16 17:05:29 +0200 |
| commit | 350de0a285b8d801d37ab68802d62693c11a3d4c (patch) | |
| tree | 33370a7367bd378af86f86bbe42e5377ce0fc72f | |
| parent | 1c57e4d02c914cb83d13ef919179f9cb73b5fbbe (diff) | |
Bugfix: Salt wurde beim Anlegen nicht generiert
Bugfix: Passwort wurde beim Speichern nicht verschlüsselt
| -rw-r--r-- | protected/models/User.php | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/protected/models/User.php b/protected/models/User.php index b6a1609..13163c3 100644 --- a/protected/models/User.php +++ b/protected/models/User.php @@ -79,6 +79,17 @@ class User extends CActiveRecord ); } + protected function beforeSave() { + if ($this->isNewRecord) { + $this->created_at = new CDbExpression("NOW()"); + $this->salt = $this->generateRandomKey(); + } + + $this->password = $this->encryptPassword($this->password); + + return parent::beforeSave(); + } + /** * Retrieves a list of models based on the current search/filter conditions. * @return CActiveDataProvider the data provider that can return the models based on the search/filter conditions. @@ -104,6 +115,21 @@ class User extends CActiveRecord } public function checkPassword($password) { - return sha1($this->salt.$password) == $this->password; + return $this->encryptPassword($password) == $this->password; + } + + protected function encryptPassword($password) { + return sha1($this->salt.$password); + } + + protected function generateRandomKey($len = 20) {
+ $string = '';
+ $pool = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+ for ($i = 1; $i <= $len; $i++) {
+ $string .= substr($pool, rand(0, 61), 1);
}
+
+ return md5($string);
+ }
+ }
\ No newline at end of file |