Diffstat (limited to 'app/class')
-rw-r--r--app/class/Application.php2
-rw-r--r--app/class/Controlleruser.php3
-rw-r--r--app/class/Model.php1
-rw-r--r--app/class/User.php18
4 files changed, 18 insertions, 6 deletions
diff --git a/app/class/Application.php b/app/class/Application.php
index 4ddf37e..48d898c 100644
--- a/app/class/Application.php
+++ b/app/class/Application.php
@@ -129,7 +129,7 @@ class Application
<h2>
<label for="password">Your password</label>
</h2>
- <input type="password" name="userinit[password]" id="password" minlength="4" maxlength="64" required>
+ <input type="password" name="userinit[password]" id="password" minlength="<?= Wcms\Model::PASSWORD_MIN_LENGTH ?>" maxlength="<?= Wcms\Model::PASSWORD_MAX_LENGTH ?>" required>
<p><i>Your user passworder as first administrator.</i></p>
</div>
<input type="submit" value="set">
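Review bot: The `maxlength` on the password input now follows `Wcms\Model::PASSWORD_MAX_LENGTH`, which the Model.php context in this commit shows as 32, so the first-administrator form silently drops from 64 to 32 characters; if that is not intended, raise the constant. These attributes are only browser-side hints, so the handler that receives `userinit[password]` (not visible here) should check the same two constants before storing anything. Also, if Application.php declares `namespace Wcms;`, the unqualified `Wcms\Model` resolves relative to that namespace; `\Wcms\Model::PASSWORD_MIN_LENGTH` or plain `Model::PASSWORD_MIN_LENGTH` avoids that. The surrounding method starts and ends outside the hunk.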
diff --git a/app/class/Controlleruser.php b/app/class/Controlleruser.php
index b148f5b..1586679 100644
--- a/app/class/Controlleruser.php
+++ b/app/class/Controlleruser.php
@@ -33,6 +33,9 @@ class Controlleruser extends Controller
if($this->user->iseditor()) {
$user = $this->usermanager->get($this->user);
$user->hydrate($_POST);
+ if ($_POST['passwordhash']) {
+ $user->hashpassword();
+ }
$this->usermanager->add($user);
$this->routedirect('user');
} else {
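Review bot: The result of `$user->hashpassword()` is discarded, so when it returns false the following `$this->usermanager->add($user)` still persists the user with the password unhashed, although this commit changes the method in User.php to return bool to signal exactly that. `$_POST['passwordhash']` is also read without checking that the key exists, which raises an undefined-key notice or warning whenever the field is absent from the request. I would write the condition as `if (!empty($_POST['passwordhash']) && !$user->hashpassword()) {` and leave that branch with an error instead of reaching `add()`. Since `Model::PASSWORD_HASH` is removed in this commit, whether a password is hashed now appears to depend only on a request field the client controls; hashing unconditionally on the server looks safer. The enclosing method starts and ends outside the hunk.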
diff --git a/app/class/Model.php b/app/class/Model.php
index 6a8f111..1d8d27a 100644
--- a/app/class/Model.php
+++ b/app/class/Model.php
@@ -88,7 +88,6 @@ abstract class Model
const TEXT_ELEMENTS = ['header', 'nav', 'main', 'aside', 'footer'];
const MAX_ID_LENGTH = 64;
- const PASSWORD_HASH = true;
const PASSWORD_MIN_LENGTH = 4;
const PASSWORD_MAX_LENGTH = 32;
diff --git a/app/class/User.php b/app/class/User.php
index b735309..518b096 100644
--- a/app/class/User.php
+++ b/app/class/User.php
@@ -208,11 +208,21 @@ class User extends Item
-
- public function hashpassword()
+ /**
+ * Hash the password and set `$passwordhashed` to true.
+ *
+ * @return bool true in cas of success, otherwise false.
+ */
+ public function hashpassword() : bool
{
- $this->password = password_hash($this->password, PASSWORD_DEFAULT);
- $this->passwordhashed = true;
+ $hashedpassword = password_hash($this->password, PASSWORD_DEFAULT);
+ if (!empty($hashedpassword)) {
+ $this->password = $hashedpassword;
+ $this->passwordhashed = true;
+ return true;
+ } else {
+ return false;
+ }
}
public function validpassword()
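Review bot: `hashpassword()` hashes whatever `$this->password` holds without looking at `$this->passwordhashed`, so calling it on a user whose stored value is already a hash would hash the hash, and the original password would stop verifying. Whether `hydrate()` replaces the password and resets `passwordhashed` before this call is not visible here, so the docblock should at least state the precondition, for example `Precondition: $this->password holds the plaintext password.`. It should also say that on failure `$this->password` is left as plaintext and the caller must not persist the object. The `@return` line has a typo: "in cas of" should read "in case of".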