SF Bug #3392644 - Cannot authenticate if password starts or ends with spaces

This commit is contained in:
Deon George 2011-10-06 10:40:41 +11:00
parent c57a927311
commit 4089ffa9fe

View File

@ -648,11 +648,11 @@ function error($msg,$type='note',$redirect=null,$fatal=false,$backtrace=false) {
function get_request($attr,$type='POST',$die=false,$default=null) {
switch($type) {
case 'GET':
$value = isset($_GET[$attr]) ? (is_array($_GET[$attr]) ? $_GET[$attr] : (trim(empty($_GET['nodecode'][$attr]) ? rawurldecode($_GET[$attr]) : $_GET[$attr]))) : $default;
$value = isset($_GET[$attr]) ? (is_array($_GET[$attr]) ? $_GET[$attr] : (empty($_GET['nodecode'][$attr]) ? rawurldecode($_GET[$attr]) : $_GET[$attr])) : $default;
break;
case 'REQUEST':
$value = isset($_REQUEST[$attr]) ? (is_array($_REQUEST[$attr]) ? $_REQUEST[$attr] : trim(empty($_REQUEST['nodecode'][$attr]) ? rawurldecode($_REQUEST[$attr]) : $_REQUEST[$attr])) : $default;
$value = isset($_REQUEST[$attr]) ? (is_array($_REQUEST[$attr]) ? $_REQUEST[$attr] : (empty($_REQUEST['nodecode'][$attr]) ? rawurldecode($_REQUEST[$attr]) : $_REQUEST[$attr])) : $default;
break;
case 'SESSION':
@ -661,7 +661,7 @@ function get_request($attr,$type='POST',$die=false,$default=null) {
case 'POST':
default:
$value = isset($_POST[$attr]) ? (is_array($_POST[$attr]) ? $_POST[$attr] : trim(empty($_POST['nodecode'][$attr]) ? rawurldecode($_POST[$attr]) : $_POST[$attr])) : $default;
$value = isset($_POST[$attr]) ? (is_array($_POST[$attr]) ? $_POST[$attr] : (empty($_POST['nodecode'][$attr]) ? rawurldecode($_POST[$attr]) : $_POST[$attr])) : $default;
break;
}
@ -745,7 +745,7 @@ function blowfish_encrypt($data,$secret=null) {
if (! trim($secret))
return $data;
if (function_exists('mcrypt_module_open') && trim($data)) {
if (function_exists('mcrypt_module_open') && ! empty($data)) {
$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
mcrypt_generic_init($td,substr($secret,0,mcrypt_enc_get_key_size($td)),$iv);
@ -771,6 +771,7 @@ function blowfish_encrypt($data,$secret=null) {
$encrypt .= $pma_cipher->encryptBlock($block, $secret);
}
return base64_encode($encrypt);
}
@ -800,7 +801,7 @@ function blowfish_decrypt($encdata,$secret=null) {
if (! trim($secret))
return $encdata;
if (function_exists('mcrypt_module_open') && trim($encdata)) {
if (function_exists('mcrypt_module_open') && ! empty($encdata)) {
$td = mcrypt_module_open(MCRYPT_BLOWFISH,'',MCRYPT_MODE_ECB,'');
$iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td),MCRYPT_DEV_URANDOM);
mcrypt_generic_init($td,substr($secret,0,mcrypt_enc_get_key_size($td)),$iv);
@ -822,7 +823,8 @@ function blowfish_decrypt($encdata,$secret=null) {
for ($i=0; $i<strlen($data); $i+=8)
$decrypt .= $pma_cipher->decryptBlock(substr($data, $i, 8), $secret);
$return = trim($decrypt);
// Strip off our \0's that were added.
$return = preg_replace("/\\0*$/",'',$decrypt);
$CACHE[$encdata] = $return;
return $return;
}