commit 2ab7d7ad9cc43b59935a40b2f481b823840aff98
parent ffdc8fd9f6afa78c45c6ee8c259c2116c56661ce
Author: Jan Dankert <devnull@localhost>
Date: Wed, 12 Dec 2018 22:53:04 +0100
Methoden als statisch markieren, wenn diese so aufgerufen werden.
Diffstat:
2 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/modules/cms-core/auth/InternalAuth.class.php b/modules/cms-core/auth/InternalAuth.class.php
@@ -19,10 +19,8 @@ class InternalAuth implements Auth
*/
function login( $username, $password,$token )
{
- $db = db_connection();
-
// Lesen des Benutzers aus der DB-Tabelle
- $sql = $db->sql( <<<SQL
+ $sql = db()->sql( <<<SQL
SELECT * FROM {{user}}
WHERE name={name}
SQL
diff --git a/modules/cms-core/model/User.class.php b/modules/cms-core/model/User.class.php
@@ -82,13 +82,15 @@ class User extends ModelBase
}
- // Lesen Benutzer aus der Datenbank
- function getAllUsers()
+ /**
+ * Get all users.
+ *
+ * @return array with user objects
+ */
+ public static function getAllUsers()
{
$list = array();
- $db = db_connection();
-
- $sql = $db->sql( 'SELECT * '.
+ $sql = db()->sql( 'SELECT * '.
' FROM {{user}}'.
' ORDER BY name' );
@@ -584,7 +586,7 @@ SQL
$sql->setInt('expires',$expire);
$sql->setInt ('algo' ,$algo );
- $sql->setString('password',Password::hash($this->pepperPassword($password),$algo) );
+ $sql->setString('password',Password::hash(User::pepperPassword($password),$algo) );
$sql->setInt ('userid' ,$this->userid );
$sql->query();
@@ -895,7 +897,7 @@ SQL
$row_user = $sql->getRow();
// Pruefen ob Kennwort mit Datenbank uebereinstimmt.
- return Password::check($this->pepperPassword($password),$row_user['password_hash'],$row_user['password_algo']);
+ return Password::check(User::pepperPassword($password),$row_user['password_hash'],$row_user['password_algo']);
}
@@ -938,10 +940,11 @@ SQL
* @param Kennwort
* @return Das gepfefferte Kennwort
*/
- public function pepperPassword( $pass )
+ public static function pepperPassword( $pass )
{
- global $conf;
- return $conf['security']['password']['pepper'].$pass;
+ $salt = Conf()->subset('security')->subset('password')->get('pepper');
+
+ return $salt.$pass;
}