From 350de0a285b8d801d37ab68802d62693c11a3d4c Mon Sep 17 00:00:00 2001
From: Tristan Zur
Date: Wed, 16 May 2012 17:05:29 +0200
Subject: =?UTF-8?q?Bugfix:=20Salt=20wurde=20beim=20Anlegen=20nicht=20gener?= =?UTF-8?q?iert=20Bugfix:=20Passwort=20wurde=20beim=20Speichern=20nicht=20?= =?UTF-8?q?verschl=C3=BCsselt?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 protected/models/User.php | 28 +++++++++++++++++++++++++++-
 1 file changed, 27 insertions(+), 1 deletion(-)
diff --git a/protected/models/User.php b/protected/models/User.php
index b6a1609..13163c3 100644
--- a/protected/models/User.php
+++ b/protected/models/User.php
@@ -78,6 +78,17 @@ class User extends CActiveRecord
 'is_super_admin' => 'Is Super Admin',
 );
 }
+
+ protected function beforeSave() {
+ if ($this->isNewRecord) {
+ $this->created_at = new CDbExpression("NOW()");
+ $this->salt = $this->generateRandomKey();
+ }
+
+ $this->password = $this->encryptPassword($this->password);
+
+ return parent::beforeSave();
+ }
 /**
 * Retrieves a list of models based on the current search/filter conditions.
@@ -104,6 +115,21 @@ class User extends CActiveRecord
 }
 public function checkPassword($password) {
- return sha1($this->salt.$password) == $this->password;
+ return $this->encryptPassword($password) == $this->password;
+ }
+
+ protected function encryptPassword($password) {
+ return sha1($this->salt.$password);
 }
+
+ protected function generateRandomKey($len = 20) {
+ $string = '';
+ $pool = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+ for ($i = 1; $i <= $len; $i++) {
+ $string .= substr($pool, rand(0, 61), 1);
+ }
+
+ return md5($string);
+ }
+
 }
\ No newline at end of file
--
cgit v1.0-28-g1787
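Review bot: `beforeSave()` hashes `$this->password` on every save, so saving a User that was loaded from the database (for instance to change another attribute) hashes the stored hash a second time, and `checkPassword()` then rejects the user's real password. Hash only for a new record or when the attribute differs from the value that was loaded, which means remembering the loaded hash in `afterFind()`; the fence sketches this. Whether the class already overrides `afterFind()` is not visible, because the class body starts and ends outside this hunk.

```php
	// Hash as loaded from the database; lets beforeSave() tell a newly set
	// password apart from one that was not touched.
	private $_storedPassword;

	protected function afterFind() {
		parent::afterFind();
		$this->_storedPassword = $this->password;
	}

	protected function beforeSave() {
		// … unchanged: created_at and salt for new records …

		if ($this->isNewRecord || $this->password !== $this->_storedPassword) {
			$this->password = $this->encryptPassword($this->password);
			// keep the marker in sync so a second save() on this instance does not re-hash
			$this->_storedPassword = $this->password;
		}

		return parent::beforeSave();
	}
```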
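Review bot: `checkPassword()` still compares the two hex digests with `==`, which PHP evaluates numerically when both strings look like numbers (for example `0e` followed only by digits), so two different digests can compare equal; use `return $this->encryptPassword($password) === $this->password;`, or `hash_equals()` where the PHP version provides it. The new `encryptPassword()` keeps a single round of salted SHA-1, which is too fast for password storage; now that hashing lives in one helper, this is the place to switch to a deliberately slow scheme such as `crypt()` with a Blowfish salt, or `password_hash()` on newer PHP. `generateRandomKey()` draws its characters from `rand()`, which is not a cryptographic generator, so `openssl_random_pseudo_bytes()` (or `random_bytes()` on PHP 7+) is the better source for the salt.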