mirror of
https://github.com/the-djmaze/snappymail.git
synced 2026-07-09 06:28:28 +03:00
Set more #[\SensitiveParameter] for #1343
This commit is contained in:
parent
f869ed5121
commit
7bd76a19b5
4 changed files with 31 additions and 7 deletions
|
|
@ -22,7 +22,10 @@ trait UserAuth
|
|||
/**
|
||||
* @throws \RainLoop\Exceptions\ClientException
|
||||
*/
|
||||
public function resolveLoginCredentials(string &$sEmail, string &$sPassword, string &$sLogin): void
|
||||
public function resolveLoginCredentials(string &$sEmail,
|
||||
#[\SensitiveParameter]
|
||||
string &$sPassword,
|
||||
string &$sLogin): void
|
||||
{
|
||||
$this->Plugins()->RunHook('login.credentials.step-1', array(&$sEmail));
|
||||
|
||||
|
|
@ -113,7 +116,11 @@ trait UserAuth
|
|||
/**
|
||||
* @throws \RainLoop\Exceptions\ClientException
|
||||
*/
|
||||
public function LoginProcess(string &$sEmail, string &$sPassword, bool $bMainAccount = true): Account
|
||||
public function LoginProcess(string &$sEmail,
|
||||
#[\SensitiveParameter]
|
||||
string &$sPassword,
|
||||
bool $bMainAccount = true
|
||||
): Account
|
||||
{
|
||||
$sInputEmail = $sEmail;
|
||||
|
||||
|
|
|
|||
|
|
@ -77,7 +77,11 @@ abstract class Api
|
|||
return APP_VERSION;
|
||||
}
|
||||
|
||||
public static function CreateUserSsoHash(string $sEmail, string $sPassword, array $aAdditionalOptions = array(), bool $bUseTimeout = true) : ?string
|
||||
public static function CreateUserSsoHash(string $sEmail,
|
||||
#[\SensitiveParameter]
|
||||
string $sPassword,
|
||||
array $aAdditionalOptions = array(), bool $bUseTimeout = true
|
||||
) : ?string
|
||||
{
|
||||
$sSsoHash = \MailSo\Base\Utils::Sha1Rand(\sha1($sPassword.$sEmail));
|
||||
|
||||
|
|
|
|||
|
|
@ -116,12 +116,18 @@ class Application extends \RainLoop\Config\AbstractConfig
|
|||
parent::Set($sSectionKey, $sParamKey, $mParamValue);
|
||||
}
|
||||
|
||||
public function SetPassword(string $sPassword) : void
|
||||
public function SetPassword(
|
||||
#[\SensitiveParameter]
|
||||
string $sPassword
|
||||
) : void
|
||||
{
|
||||
$this->Set('security', 'admin_password', \password_hash($sPassword, PASSWORD_DEFAULT));
|
||||
}
|
||||
|
||||
public function ValidatePassword(string $sPassword) : bool
|
||||
public function ValidatePassword(
|
||||
#[\SensitiveParameter]
|
||||
string $sPassword
|
||||
) : bool
|
||||
{
|
||||
$sConfigPassword = (string) $this->Get('security', 'admin_password', '');
|
||||
if (32 == \strlen($sPassword) && \md5(APP_SALT.$sPassword.APP_SALT) === $sConfigPassword) {
|
||||
|
|
|
|||
|
|
@ -130,7 +130,10 @@ trait CardDAV
|
|||
return null;
|
||||
}
|
||||
|
||||
private function getContactsPaths(DAVClient $oClient, string $sPath, string $sUser, string $sPassword, string $sProxy = '') : array
|
||||
private function getContactsPaths(DAVClient $oClient, string $sPath, string $sUser,
|
||||
#[\SensitiveParameter]
|
||||
string $sPassword,
|
||||
string $sProxy = '') : array
|
||||
{
|
||||
$aContactsPaths = array();
|
||||
|
||||
|
|
@ -291,7 +294,11 @@ trait CardDAV
|
|||
return $bGood;
|
||||
}
|
||||
|
||||
private function getDavClientFromUrl(string $sUrl, string $sUser, string $sPassword, string $sProxy = '') : DAVClient
|
||||
private function getDavClientFromUrl(string $sUrl, string $sUser,
|
||||
#[\SensitiveParameter]
|
||||
string $sPassword,
|
||||
string $sProxy = ''
|
||||
) : DAVClient
|
||||
{
|
||||
if (!\preg_match('/^http[s]?:\/\//i', $sUrl)) {
|
||||
$sUrl = \preg_replace('/^fruux\.com/i', 'dav.fruux.com', $sUrl);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue