[TYPO3-core] RFC #14727: Code cleanup: tx_saltedpasswords_sv1 should use parent object instead of TYPO3_MODE
Alexander Stehlik
alexander.stehlik at googlemail.com
Sat Feb 26 09:20:46 CET 2011
Reminder #2
Am 04.02.2011 12:52, schrieb Alexander Stehlik:
> Reminder #1
>
> Am 09.01.2011 15:30, schrieb Alexander Stehlik:
>> Hi,
>>
>> you are right this problem is quite tricky.
>>
>> The only solution I could think of is a modification of
>> t3lib_div::makeInstanceService, that provides additional information in
>> the t3lib_svbase::info array (see attached patch).
>>
>> What do you think of it?
>>
>> Kind regards,
>> Alex
>>
>> Am 09.01.2011 01:30, schrieb Marcus Krause:
>>> Hi!
>>>
>>> Steffen Gebert schrieb am 01/08/2011 02:27 PM Uhr:
>>>>> Bugtracker references:
>>>>> http://bugs.typo3.org/view.php?id=0014727
>>>>>
>>>>> Branches:
>>>>> trunk
>>>>>
>>>>> Problem:
>>>>> At the moment, tx_saltedpasswords_sv1 uses the TYPO3_MODE constant to
>>>>> determine in which table the password should be updated (in
>>>>> updatePassword() method).
>>>>> This isn't very clean and can lead to problems if you use some kind of
>>>>> be/fe login combination extension like simulatebe. There, the user
>>>>> logs in to the Frontend, to TYPO3_MODE is "FE" but wants to
>>>>> authenticate a BE user.
>>>>>
>>>>> Solution:
>>>>> A simple solution to this is the usage of the $pObj field. See the
>>>>> attached patch. It makes things much simpler and cleaner as far as I
>>>>> can see.
>>>>
>>>> +1 by reading and testing
>>>>
>>>> Attached a cleaned-up patch against svn root.
>>>
>>> Although this is a nice catch, the patch doesn't solve the problem once
>>> and forever.
>>>
>>> In tx_saltedpasswords_sv1::init() there's a function call to
>>> tx_saltedpasswords_div::isUsageEnabled() which determines if
>>> saltedpasswords is enabled for the desired TYPO3_MODE.
>>>
>>> To completely fix this problem, you would hand over the mode somehow
>>> retrieved from $pObj to tx_saltedpasswords_div::isUsageEnabled().
>>>
>>> Luckily, isUsageEnabled() accepts an optional parameter with the
>>> TYPO3_MODE.
>>> Unluckily, $pObj is not yet available at this state. It's available with
>>> tx_sv_authbase::initAuth(), the next call in authentication service
>>> instanciation/service.
>>>
>>>
>>> Marcus.
>>
>
More information about the TYPO3-team-core
mailing list