yanyu/v2board
1
0
Fork 0
mirror of https://github.com/v2board/v2board.git synced 2024-11-10 09:39:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

update: support md5 with sha256

Browse Source
This commit is contained in:
tokumeikoi 2021-09-14 13:10:29 +09:00
parent ec00fc4496
commit 0374a03892
5 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/Http/Controllers/Passport/AuthController.php
View File

@ -125,6 +125,7 @@ class AuthController extends Controller
}
if (!Helper::multiPasswordVerify(
$user->password_algo,
$user->password_salt,
$password,
$user->password)
) {

1
app/Http/Controllers/User/UserController.php
View File

@ -35,6 +35,7 @@ class UserController extends Controller
}
if (!Helper::multiPasswordVerify(
$user->password_algo,
$user->password_salt,
$request->input('old_password'),
$user->password)
) {

4
app/Utils/Helper.php
View File

@ -64,12 +64,12 @@ class Helper
return $str;
}
public static function multiPasswordVerify($algo, $password, $hash)
public static function multiPasswordVerify($algo, $salt, $password, $hash)
{
switch($algo) {
case 'md5': return md5($password) === $hash;
case 'sha256': return hash('sha256', $password) === $hash;
case 'mws': return md5(hash('sha256', $password)) === $hash;
case 'mws': return md5($password . $salt) === $hash;
default: return password_verify($password, $hash);
}
}

3
database/install.sql
View File

@ -323,6 +323,7 @@ CREATE TABLE `v2_user` (
`email` varchar(64) NOT NULL,
`password` varchar(64) NOT NULL,
`password_algo` char(10) DEFAULT NULL,
`password_salt` char(10) DEFAULT NULL,
`balance` int(11) NOT NULL DEFAULT '0',
`discount` int(11) DEFAULT NULL,
`commission_type` tinyint(4) NOT NULL DEFAULT '0' COMMENT '0: system 1: cycle 2: onetime',
@ -352,4 +353,4 @@ CREATE TABLE `v2_user` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- 2021-08-28 06:53:57
-- 2021-09-14 04:09:49

2
database/update.sql
View File

@ -439,3 +439,5 @@ ALTER TABLE `v2_ticket_message`
ALTER TABLE `v2_coupon`
ADD `limit_use_with_user` int(11) NULL AFTER `limit_use`;
ALTER TABLE `v2_user`
ADD `password_salt` char(10) COLLATE 'utf8_general_ci' NULL AFTER `password_algo`;