TYPO3 7.6.x Creating a MD5 encrypted Passwordfield in the TCA
Question
I tried creating a password field using Typo3's 'eval' functions.
TYPO3 Version 7.6.9
Here is my config:
'password' => array(
'exclude' => 1,
'label' => 'LLL:EXT:myext/Resources/Private/Language/locallang_db.xlf:tx_myext_domain_model_pin.password',
'config' => array(
'type' => 'input',
'size' => 50,
'eval' => 'nospace,required,md5,unique,password'
)
),
if i leave out the 'password' at the end the field gets saved normaly but as soon as i add it, the password field no longer updates/saves.
1 answers
solution1
-1 2016-07-26 12:25:28
You don't need to add the md5 and unique as eval parameters. In 7.x passwords are automatically encrypted with the saltedpasswords system extension and it is safer than md5. Passwords normally are not unique, so i guess it is there by mistake, but it should actually also work with unique.
'password' => array(
'exclude' => 1,
'label' => 'LLL:EXT:myext/Resources/Private/Language/locallang_db.xlf:tx_myext_domain_model_pin.password',
'config' => array(
'type' => 'input',
'size' => 50,
'eval' => 'nospace,required,password'
)
),
later you can check the password this way: $hash is the password hash from your db and $password is the playin password you are checking
if (\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('saltedpasswords') && \TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled('FE')) {
$saltObject = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(NULL);
return $saltObject->checkPassword($password, $hash);
} elseif ($GLOBALS['TYPO3_CONF_VARS']['FE']['loginSecurityLevel'] == 'md5') {
return $password == md5($password);
} elseif ($GLOBALS['TYPO3_CONF_VARS']['FE']['loginSecurityLevel'] === 'sha1') {
return $password == sha1($password);
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.