eliseuamaro/gnu-social
1
0
Fork 0
forked from GNUsocial/gnu-social
Code Issues Pull Requests Releases Wiki Activity

[SECURITY] Fix error in user registering where password wasn't hashed

Browse Source
This commit is contained in:
Hugo Sales
2020-08-19 14:00:57 +00:00
committed by Hugo Sales
parent 1b350d51fc
commit de22f18abf
2 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Entity/LocalUser.php
View File

@@ -306,12 +306,12 @@ class LocalUser extends Entity implements UserInterface
public function changePassword(string $new_password, bool $override = false): void
{
if ($override || $this->checkPassword($new_password)) {
$this->setPassword($this->hashPassword($new_password));
$this->setPassword(self::hashPassword($new_password));
DB::flush();
}
}
public function hashPassword(string $password)
public static function hashPassword(string $password)
{
$algorithm = self::algoNameToConstant(Common::config('security', 'algorithm'));
$options = Common::config('security', 'options');