r28264 - in plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine: . lib/model

[fabien . potencier]

Author: allyb
Date: 2010-02-25 07:38:54 +0100 (Thu, 25 Feb 2010)
New Revision: 28264

Modified:
   plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/ORM
   
plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/lib/model/sfEasyAuthUserBase.php
Log:
Removed the option to not hash passwords in the setter - it was causing 
problems with Doctrine

Modified: 
plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/ORM
===================================================================
--- plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/ORM    
2010-02-25 02:00:40 UTC (rev 28263)
+++ plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/ORM    
2010-02-25 06:38:54 UTC (rev 28264)
@@ -12,4 +12,11 @@
 
   * To use the Doctrine version, run:
 
-    find . -name '*.php' | xargs perl -i -pe 's!\S*/\*&(.*?)###(.*?)&\*/!$2!g;'
\ No newline at end of file
+    find . -name '*.php' | xargs perl -i -pe 's!\S*/\*&(.*?)###(.*?)&\*/!$2!g;'
+
+Notes
+-----
+When using the Doctrine version of this plugin, it's not safe to call
+$user->password = 'newPassword'. You must *always* use the setter
+instead: $user->setPassword('newPassword'). If you don't, the password
+won't be hashed, preventing users from logging in.
\ No newline at end of file

Modified: 
plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/lib/model/sfEasyAuthUserBase.php
===================================================================
--- 
plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/lib/model/sfEasyAuthUserBase.php
       2010-02-25 02:00:40 UTC (rev 28263)
+++ 
plugins/sfEasyAuthPlugin/branches/2010-02-18_integration-of-doctrine/lib/model/sfEasyAuthUserBase.php
       2010-02-25 06:38:54 UTC (rev 28264)
@@ -454,15 +454,14 @@
    * Sets the user's password, hashing it beforehand if it hasn't already been 
hashed.
    * 
    * @param string $password
-   * @param bool $skipPasswordHash Whether to force not hashing the password
    */
-  public function setPassword($password, $skipPasswordHash=false)
+  public function setPassword($password)
   {
     // don't set the password if we've got the default text from the admin 
editor
     if (strcmp(self::PASSWORD_MASK, $password) !== 0)
     {
       // only hash the password if it hasn't been hashed already
-      $hashedPassword  = (!$skipPasswordHash && ($this->getPassword() != 
$password)) ? 
+      $hashedPassword  = ($this->getPassword() != $password) ? 
         $this->hashPassword($password, true) : $password; 
     
       // set the password

-- 
You received this message because you are subscribed to the Google Groups 
"symfony SVN" group.
To post to this group, send email to symfony-...@googlegroups.com.
To unsubscribe from this group, send email to 
symfony-svn+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/symfony-svn?hl=en.