Changeset 830429
- Timestamp:
- 12/30/2013 08:25:21 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
google-authenticator/trunk/google-authenticator.php
r830388 r830429 22 22 Thanks to Ian Dunn for fixing some depricated function calls. 23 23 Thanks to Kimmo Suominen for fixing the iPhone description issue. 24 Thanks to Alex Concha for some security tips. 24 25 25 26 ---------------------------------------------------------------------------- … … 192 193 if ( trim( get_user_option( 'googleauthenticator_pwdenabled', $user->ID ) ) == 'enabled' && ( defined('XMLRPC_REQUEST') || defined('APP_REQUEST') ) ) { 193 194 $GA_passwords = json_decode( get_user_option( 'googleauthenticator_passwords', $user->ID ) ); 194 $password sha1= trim($GA_passwords->{'password'} );195 $passwordhash = trim($GA_passwords->{'password'} ); 195 196 $usersha1 = sha1( strtoupper( str_replace( ' ', '', $password ) ) ); 196 if ( $passwordsha1 == $usersha1 ) { 197 if ( $passwordhash == $usersha1 ) { // ToDo: Remove after some time when users have migrated to new format 198 return new WP_User( $user->ID ); 199 // Try the new version based on thee wp_hash_password function 200 } elseif (wp_check_password( strtoupper( str_replace( ' ', '', $password ) ), $passwordhash)) { 197 201 return new WP_User( $user->ID ); 198 202 } else { … … 406 410 if (strtoupper($GA_password) != 'XXXXXXXXXXXXXXXX' ) { 407 411 // Store the password in a format that can be expanded easily later on if needed. 408 $GA_password = array( 'appname' => 'Default', 'password' => sha1( $GA_password ) );412 $GA_password = array( 'appname' => 'Default', 'password' => wp_hash_password( $GA_password ) ); 409 413 update_user_option( $user_id, 'googleauthenticator_passwords', json_encode( $GA_password ), true ); 410 414 }
Note: See TracChangeset
for help on using the changeset viewer.