Support any php default password hash algorithm change

SVN:trunk[5998]
2026-02-12 23:14:18 +01:00 · 2018-08-03 14:52:05 +00:00
parent dd46048ea6
commit 135d9c5e55
1 changed files with 4 additions and 6 deletions
--- a/core/ormpassword.class.inc.php
+++ b/core/ormpassword.class.inc.php
@@ -96,12 +96,10 @@ class ormPassword
 	{
 		$bResult = false;
 		$aInfo = password_get_info($this->m_sHashed);
-		switch ($aInfo["algoName"])
+		switch ($aInfo["algo"])
 		{
-			case 'bcrypt':
-				$bResult = password_verify($sClearTextPassword, $this->m_sHashed);
-				break;
-			case 'unknown':
+			case 0:
+				//unknown, assume it's a legacy password
 				$sHashedPwd = $this->ComputeHash($sClearTextPassword);
 				if ($this->m_sHashed == $sHashedPwd)
 				{
@@ -109,7 +107,7 @@ class ormPassword
 				}
 				break;
 			default:
-				//shouldn't happen until php modify PASSWORD_DEFAULT
+				$bResult = password_verify($sClearTextPassword, $this->m_sHashed);
 		}
 		return $bResult;
 	}