VanillaPassword::verify() - Code Metrics - Inspection of "Test php 7.2 on travis" - vanilla/garden - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#3)

by Alexandre

created 2017-08-29 14:27 UTC

VanillaPassword::verify() D

↳ Parent: VanillaPassword

Complexity

Conditions	9
Paths	7

Size

Total Lines	27
Code Lines	16

Duplication

Lines	0
Ratio	0 %

Code Coverage

Tests	15
CRAP Score	9.0197

Importance

Changes

Metric	Value
cc	9
eloc	16
nc	7
nop	2
dl	0
loc	27
ccs	15
cts	16
cp	0.9375
crap	9.0197
rs	4.909
c	0
b	0
f	0

<?php
/**
 * @author Todd Burry <[email protected]>
 * @copyright 2009-2014 Vanilla Forums Inc.
 * @license MIT
 */

namespace Garden\Password;

/**
 * Implements the default Vanilla password algorithm.
 */
class VanillaPassword extends PhpassPassword {
    /**
     * Initialize an instance of the {@link VanillaPassword} class.
     */
    public function __construct() {
        parent::__construct(PhpassPassword::HASH_BEST);
    }

    /**
     * {@inheritdoc}
     */
    public function hash($password) {
        if ($this->hashMethod === static::HASH_BEST && function_exists('password_hash')) {
            return password_hash($password, PASSWORD_DEFAULT);
        } else {
            return parent::hash($password);
        }
    }

    /**
     * {@inheritdoc}
     */
    public function needsRehash($hash) {
        if ($this->hashMethod === static::HASH_BEST &&  function_exists('password_needs_rehash')) {
            return password_needs_rehash($hash, PASSWORD_DEFAULT);
        } elseif (($this->hashMethod & static::HASH_BLOWFISH) && CRYPT_BLOWFISH === 1) {
            return !(preg_match('`^\$(2[axy]|[56])\$`', $hash) && strlen($hash) === 60);
        } elseif (($this->hashMethod & static::HASH_EXTDES) && CRYPT_EXT_DES === 1) {
            return !(preg_match('`^_[./0-9A-Za-z]{8}`', $hash) && strlen($hash) === 20);
        } else {
            return !(preg_match('`^\$([PH])\$`', $hash) && strlen($hash) === 34);
        }
    }

    /**
     * {@inheritdoc}
     */
    public function verify($password, $hash) {
        if (!$hash) {
            return false;
        }

        if ($this->hashMethod === static::HASH_BEST &&
            function_exists('password_verify') &&
            password_verify((string)$password, (string)$hash)) {

            return true;
        }

        if (!$hash) {
            return false;
        }

        // Check against a php pass style password.
        if (in_array(substr($hash, 0, 1), ['_', '$'])) {
            return parent::verify($password, $hash);
        } elseif (md5($password) === $hash) {
            return true;
        } elseif ($password === $hash) {
            return true;
        }
        return false;

    }
}


1		<?php
2		/**
3		* @author Todd Burry <[email protected]>
4		* @copyright 2009-2014 Vanilla Forums Inc.
5		* @license MIT
6		*/
7
8		namespace Garden\Password;
9
10		/**
11		* Implements the default Vanilla password algorithm.
12		*/
13		class VanillaPassword extends PhpassPassword {
14		/**
15		* Initialize an instance of the {@link VanillaPassword} class.
16		*/
17	2	public function __construct() {
18	2	parent::__construct(PhpassPassword::HASH_BEST);
19	2	}
20
21		/**
22		* {@inheritdoc}
23		*/
24	5	public function hash($password) {
25	5	if ($this->hashMethod === static::HASH_BEST && function_exists('password_hash')) {
26	4	return password_hash($password, PASSWORD_DEFAULT);
27		} else {
28	1	return parent::hash($password);
29		}
30		}
31
32		/**
33		* {@inheritdoc}
34		*/
35	2	public function needsRehash($hash) {
36	2	if ($this->hashMethod === static::HASH_BEST && function_exists('password_needs_rehash')) {
37	2	return password_needs_rehash($hash, PASSWORD_DEFAULT);
38	1	} elseif (($this->hashMethod & static::HASH_BLOWFISH) && CRYPT_BLOWFISH === 1) {
39	1	return !(preg_match('`^\$(2[axy]\|[56])\$`', $hash) && strlen($hash) === 60);
40	1	} elseif (($this->hashMethod & static::HASH_EXTDES) && CRYPT_EXT_DES === 1) {
41	1	return !(preg_match('`^_[./0-9A-Za-z]{8}`', $hash) && strlen($hash) === 20);
42		} else {
43	1	return !(preg_match('`^\$([PH])\$`', $hash) && strlen($hash) === 34);
44		}
45		}
46
47		/**
48		* {@inheritdoc}
49		*/
50	5	public function verify($password, $hash) {
51	5	if (!$hash) {
52	2	return false;
53		}
54
55	4	if ($this->hashMethod === static::HASH_BEST &&
56	4	function_exists('password_verify') &&
57	4	password_verify((string)$password, (string)$hash)) {
58
59	2	return true;
60		}
61
62	3	if (!$hash) {
63		return false;
64		}
65
66		// Check against a php pass style password.
67	3	if (in_array(substr($hash, 0, 1), ['_', '$'])) {
68	3	return parent::verify($password, $hash);
69	1	} elseif (md5($password) === $hash) {
70	1	return true;
71	1	} elseif ($password === $hash) {
72	1	return true;
73		}
74	1	return false;
75
76		}
77		}
78

vanilla / garden

Pull Request — master (#3)

VanillaPassword::verify() D

Complexity

Size

Duplication

Code Coverage

Importance

Duplication Side-by-Side

Filter issues like