"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/Vend/UserDB.pm" between
interchange-5.8.2.tar.gz and interchange-5.10.0.tar.gz

About: Interchange is an Electronic commerce system (supports SSL, PGP/GPG).

UserDB.pm  (interchange-5.8.2):UserDB.pm  (interchange-5.10.0)
skipping to change at line 754 skipping to change at line 754
if(! $self->{OPTIONS}{logfile}) { if(! $self->{OPTIONS}{logfile}) {
return logError($msg); return logError($msg);
} }
$self->log($msg,@_); $self->log($msg,@_);
return; return;
} }
sub log { sub log {
my $self = shift; my $self = shift;
my $time = $self->{OPTIONS}{unix_time} ? time() : my $time = $self->{OPTIONS}{unix_time} ? time() :
POSIX::strftime("%Y%m%d%H%M", localtime()); POSIX::strftime("%Y%m%d%H%M%S", localtime());
my $msg = shift; my $msg = shift;
logData( ($self->{OPTIONS}{logfile} || $Vend::Cfg->{LogFile}), logData( ($self->{OPTIONS}{logfile} || $Vend::Cfg->{LogFile}),
$time, $time,
$self->{USERNAME}, $self->{USERNAME},
$CGI::remote_host || $CGI::remote _addr, $CGI::remote_host || $CGI::remote _addr,
$msg, $msg,
); );
return; return;
} }
skipping to change at line 1744 skipping to change at line 1744
$self->log_either(errmsg("Refusing to use blank p assword from '%s' database for user '%s'", $self->{DB_ID}, $self->{USERNAME})); $self->log_either(errmsg("Refusing to use blank p assword from '%s' database for user '%s'", $self->{DB_ID}, $self->{USERNAME}));
die $stock_error, "\n"; die $stock_error, "\n";
} }
$pw = $self->{PASSWORD}; $pw = $self->{PASSWORD};
if ( $self->{CRYPT} && $self->{OPTIONS}{promote} ) { if ( $self->{CRYPT} && $self->{OPTIONS}{promote} ) {
my ($cur_method) = grep { $self->{OPTIONS}{ $_ } } keys %enc_subs; my ($cur_method) = grep { $self->{OPTIONS}{ $_ } } keys %enc_subs;
$cur_method ||= 'default'; $cur_method ||= 'default';
my $stored_by = $enc_id{ determine_cipher($db_pas s) }; my $stored_by = $enc_id{ determine_cipher($db_pas s) };
my $from_sub = $self->{OPTIONS}{from_plain} ? sub {$_[1]} : $enc_subs{$stored_by};
if ( if (
$cur_method ne $stored_by $cur_method ne $stored_by
|| ||
$cur_method eq 'bcrypt' $cur_method eq 'bcrypt'
&& &&
bcost($self->{OPTIONS}) != bcost($self->{ OPTIONS}, bmarshal($db_pass)) bcost($self->{OPTIONS}) != bcost($self->{ OPTIONS}, bmarshal($db_pass))
and and
$db_pass eq $enc_subs{$stored_by}->($self , $pw, $db_pass) $db_pass eq $from_sub->($self, $pw, $db_p ass)
) { ) {
my $newpass = $enc_subs{$cur_method}->($s elf, $pw, Vend::Util::random_string(2)); my $newpass = $enc_subs{$cur_method}->($s elf, $pw, Vend::Util::random_string(2));
my $db_newpass = eval { my $db_newpass = eval {
$self->{DB}->set_field( $self->{DB}->set_field(
$self->{USERNAME}, $self->{USERNAME},
$self->{LOCATION}{PASSWOR D}, $self->{LOCATION}{PASSWOR D},
$newpass, $newpass,
); );
}; };
 End of changes. 3 change blocks. 
2 lines changed or deleted 3 lines changed or added

Home  |  About  |  All  |  Newest  |  Fossies Dox  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTPS