From 96392017024eae2e7720603acd24640ea1cba21c Mon Sep 17 00:00:00 2001 From: Bartek Fabiszewski Date: Wed, 19 Feb 2020 19:26:19 +0100 Subject: [PATCH] Remove password compat --- README.md | 4 +- helpers/password.php | 317 ------------------------------------------- helpers/user.php | 3 - lang/cs.php | 2 - lang/de.php | 2 - lang/en.php | 2 - lang/es.php | 2 - lang/fr.php | 2 - lang/hu.php | 2 - lang/it.php | 2 - lang/nl.php | 2 - lang/pl.php | 2 - lang/ru.php | 2 - lang/zh.php | 2 - scripts/setup.php | 12 +- 15 files changed, 4 insertions(+), 354 deletions(-) delete mode 100644 helpers/password.php diff --git a/README.md b/README.md index f6bdb27..954bbef 100644 --- a/README.md +++ b/README.md @@ -6,8 +6,8 @@ Together with a dedicated [μlogger mobile client](https://github.com/bfabiszews ## Live demo: - http://ulogger-demo.herokuapp.com (test track upload with Android app and editing, login: demo, password: demo) -## Requirements: -- PHP 5.5 (5.4 with [password_compat](https://github.com/bfabiszewski/ulogger-server/blob/04b2b771398d8511bfa6fe8a85d58162bd32fc46/helpers/user.php#L24)) +## Minimum requirements: +- PHP 5.5 - PHP extensions: ctype, json, pdo (with respective drivers), session, simplexml, xmlwriter, xdebug (only for tests) - MySQL, PostgreSQL or SQLite (over PDO driver) - browser with javascript enabled, cookies for authentication and saving preferences diff --git a/helpers/password.php b/helpers/password.php deleted file mode 100644 index 5a4e4a4..0000000 --- a/helpers/password.php +++ /dev/null @@ -1,317 +0,0 @@ - - * @license http://www.opensource.org/licenses/mit-license.html MIT License - * @copyright 2012 The Authors - */ - -namespace { - - if (!defined('PASSWORD_BCRYPT')) { - /** - * PHPUnit Process isolation caches constants, but not function declarations. - * So we need to check if the constants are defined separately from - * the functions to enable supporting process isolation in userland - * code. - */ - define('PASSWORD_BCRYPT', 1); - define('PASSWORD_DEFAULT', PASSWORD_BCRYPT); - define('PASSWORD_BCRYPT_DEFAULT_COST', 10); - } - - if (!function_exists('password_hash')) { - - /** - * Hash the password using the specified algorithm - * - * @param string $password The password to hash - * @param int $algo The algorithm to use (Defined by PASSWORD_* constants) - * @param array $options The options for the algorithm to use - * - * @return string|false The hashed password, or false on error. - */ - function password_hash($password, $algo, array $options = array()) { - if (!function_exists('crypt')) { - trigger_error("Crypt must be loaded for password_hash to function", E_USER_WARNING); - return null; - } - if (is_null($password) || is_int($password)) { - $password = (string) $password; - } - if (!is_string($password)) { - trigger_error("password_hash(): Password must be a string", E_USER_WARNING); - return null; - } - if (!is_int($algo)) { - trigger_error("password_hash() expects parameter 2 to be long, " . gettype($algo) . " given", E_USER_WARNING); - return null; - } - $resultLength = 0; - switch ($algo) { - case PASSWORD_BCRYPT: - $cost = PASSWORD_BCRYPT_DEFAULT_COST; - if (isset($options['cost'])) { - $cost = (int) $options['cost']; - if ($cost < 4 || $cost > 31) { - trigger_error(sprintf("password_hash(): Invalid bcrypt cost parameter specified: %d", $cost), E_USER_WARNING); - return null; - } - } - // The length of salt to generate - $raw_salt_len = 16; - // The length required in the final serialization - $required_salt_len = 22; - $hash_format = sprintf("$2y$%02d$", $cost); - // The expected length of the final crypt() output - $resultLength = 60; - break; - default: - trigger_error(sprintf("password_hash(): Unknown password hashing algorithm: %s", $algo), E_USER_WARNING); - return null; - } - $salt_req_encoding = false; - if (isset($options['salt'])) { - switch (gettype($options['salt'])) { - case 'NULL': - case 'boolean': - case 'integer': - case 'double': - case 'string': - $salt = (string) $options['salt']; - break; - case 'object': - if (method_exists($options['salt'], '__tostring')) { - $salt = (string) $options['salt']; - break; - } - case 'array': - case 'resource': - default: - trigger_error('password_hash(): Non-string salt parameter supplied', E_USER_WARNING); - return null; - } - if (PasswordCompat\binary\_strlen($salt) < $required_salt_len) { - trigger_error(sprintf("password_hash(): Provided salt is too short: %d expecting %d", PasswordCompat\binary\_strlen($salt), $required_salt_len), E_USER_WARNING); - return null; - } elseif (0 == preg_match('#^[a-zA-Z0-9./]+$#D', $salt)) { - $salt_req_encoding = true; - } - } else { - $buffer = ''; - $buffer_valid = false; - if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) { - $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM); - if ($buffer) { - $buffer_valid = true; - } - } - if (!$buffer_valid && function_exists('openssl_random_pseudo_bytes')) { - $strong = false; - $buffer = openssl_random_pseudo_bytes($raw_salt_len, $strong); - if ($buffer && $strong) { - $buffer_valid = true; - } - } - if (!$buffer_valid && @is_readable('/dev/urandom')) { - $file = fopen('/dev/urandom', 'r'); - $read = 0; - $local_buffer = ''; - while ($read < $raw_salt_len) { - $local_buffer .= fread($file, $raw_salt_len - $read); - $read = PasswordCompat\binary\_strlen($local_buffer); - } - fclose($file); - if ($read >= $raw_salt_len) { - $buffer_valid = true; - } - $buffer = str_pad($buffer, $raw_salt_len, "\0") ^ str_pad($local_buffer, $raw_salt_len, "\0"); - } - if (!$buffer_valid || PasswordCompat\binary\_strlen($buffer) < $raw_salt_len) { - $buffer_length = PasswordCompat\binary\_strlen($buffer); - for ($i = 0; $i < $raw_salt_len; $i++) { - if ($i < $buffer_length) { - $buffer[$i] = $buffer[$i] ^ chr(mt_rand(0, 255)); - } else { - $buffer .= chr(mt_rand(0, 255)); - } - } - } - $salt = $buffer; - $salt_req_encoding = true; - } - if ($salt_req_encoding) { - // encode string with the Base64 variant used by crypt - $base64_digits = - 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'; - $bcrypt64_digits = - './ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; - - $base64_string = base64_encode($salt); - $salt = strtr(rtrim($base64_string, '='), $base64_digits, $bcrypt64_digits); - } - $salt = PasswordCompat\binary\_substr($salt, 0, $required_salt_len); - - $hash = $hash_format . $salt; - - $ret = crypt($password, $hash); - - if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != $resultLength) { - return false; - } - - return $ret; - } - - /** - * Get information about the password hash. Returns an array of the information - * that was used to generate the password hash. - * - * array( - * 'algo' => 1, - * 'algoName' => 'bcrypt', - * 'options' => array( - * 'cost' => PASSWORD_BCRYPT_DEFAULT_COST, - * ), - * ) - * - * @param string $hash The password hash to extract info from - * - * @return array The array of information about the hash. - */ - function password_get_info($hash) { - $return = array( - 'algo' => 0, - 'algoName' => 'unknown', - 'options' => array(), - ); - if (PasswordCompat\binary\_substr($hash, 0, 4) == '$2y$' && PasswordCompat\binary\_strlen($hash) == 60) { - $return['algo'] = PASSWORD_BCRYPT; - $return['algoName'] = 'bcrypt'; - list($cost) = sscanf($hash, "$2y$%d$"); - $return['options']['cost'] = $cost; - } - return $return; - } - - /** - * Determine if the password hash needs to be rehashed according to the options provided - * - * If the answer is true, after validating the password using password_verify, rehash it. - * - * @param string $hash The hash to test - * @param int $algo The algorithm used for new password hashes - * @param array $options The options array passed to password_hash - * - * @return boolean True if the password needs to be rehashed. - */ - function password_needs_rehash($hash, $algo, array $options = array()) { - $info = password_get_info($hash); - if ($info['algo'] !== (int) $algo) { - return true; - } - switch ($algo) { - case PASSWORD_BCRYPT: - $cost = isset($options['cost']) ? (int) $options['cost'] : PASSWORD_BCRYPT_DEFAULT_COST; - if ($cost !== $info['options']['cost']) { - return true; - } - break; - } - return false; - } - - /** - * Verify a password against a hash using a timing attack resistant approach - * - * @param string $password The password to verify - * @param string $hash The hash to verify against - * - * @return boolean If the password matches the hash - */ - function password_verify($password, $hash) { - if (!function_exists('crypt')) { - trigger_error("Crypt must be loaded for password_verify to function", E_USER_WARNING); - return false; - } - $ret = crypt($password, $hash); - if (!is_string($ret) || PasswordCompat\binary\_strlen($ret) != PasswordCompat\binary\_strlen($hash) || PasswordCompat\binary\_strlen($ret) <= 13) { - return false; - } - - $status = 0; - for ($i = 0; $i < PasswordCompat\binary\_strlen($ret); $i++) { - $status |= (ord($ret[$i]) ^ ord($hash[$i])); - } - - return $status === 0; - } - } - -} - -namespace PasswordCompat\binary { - - if (!function_exists('PasswordCompat\\binary\\_strlen')) { - - /** - * Count the number of bytes in a string - * - * We cannot simply use strlen() for this, because it might be overwritten by the mbstring extension. - * In this case, strlen() will count the number of *characters* based on the internal encoding. A - * sequence of bytes might be regarded as a single multibyte character. - * - * @param string $binary_string The input string - * - * @internal - * @return int The number of bytes - */ - function _strlen($binary_string) { - if (function_exists('mb_strlen')) { - return mb_strlen($binary_string, '8bit'); - } - return strlen($binary_string); - } - - /** - * Get a substring based on byte limits - * - * @see _strlen() - * - * @param string $binary_string The input string - * @param int $start - * @param int $length - * - * @internal - * @return string The substring - */ - function _substr($binary_string, $start, $length) { - if (function_exists('mb_substr')) { - return mb_substr($binary_string, $start, $length, '8bit'); - } - return substr($binary_string, $start, $length); - } - - /** - * Check if current PHP version is compatible with the library - * - * @return boolean the check result - */ - function check() { - static $pass = NULL; - - if (is_null($pass)) { - if (function_exists('crypt')) { - $hash = '$2y$04$usesomesillystringfore7hnbRJHxXVLeakoG8K30oukPsA.ztMG'; - $test = crypt("password", $hash); - $pass = $test == $hash; - } else { - $pass = false; - } - } - return $pass; - } - - } -} \ No newline at end of file diff --git a/helpers/user.php b/helpers/user.php index 5e09c7f..30c160d 100644 --- a/helpers/user.php +++ b/helpers/user.php @@ -21,9 +21,6 @@ require_once(ROOT_DIR . "/helpers/track.php"); require_once(ROOT_DIR . "/helpers/position.php"); - // for PHP 5.4 uncomment following line to include password_compat library - //require_once(ROOT_DIR . "/helpers/password.php"); - /** * User handling routines */ diff --git a/lang/cs.php b/lang/cs.php index dba993c..a4a82d2 100644 --- a/lang/cs.php +++ b/lang/cs.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Bohužel se něco pokazilo. Můžete se pokusit naj $langSetup["welcome"] = "Vítejte v µloggeru. "; $langSetup["disabledwarn"] = "Z bezpečnostních důvodů je tento skript ve výchozím nastavení zakázán. Pro jeho aktivaci musíte upravit soubor 'scripts/setup.php' v textovém editoru a nastavit %s proměnnou na začátku souboru na %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Řádek: %s by měl číst: %s"; -$langSetup["passfuncwarn"] = "Vaše verze PHP nepodporuje funkce hesla, které jsou dodávány s PHP 5.5. Musíte zahrnout knihovnu password_compat."; -$langSetup["passfunchack"] = "Upravte soubor 'helpers/user.php' a řádek s příkazy včetně 'helpers/password.php'."; $langSetup["dorestart"] = "Po dokončení skriptu restartujte tento skript."; $langSetup["createconfig"] = "Vytvořte soubor 'config.php' v kořenové složce. Můžete začít zkopírováním z 'config.default.php'. Ujistěte se, že jste nastavili konfigurační hodnoty tak, aby odpovídaly vašim potřebám a nastavení vaší databáze."; $langSetup["nodbsettings"] = "Musíte zadat své údaje databáze v souboru 'config.php' (%s)."; // substitutes variable names diff --git a/lang/de.php b/lang/de.php index 466b20e..c239e73 100644 --- a/lang/de.php +++ b/lang/de.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Das hat leider nicht funktioniert. Du findest mögl $langSetup["welcome"] = "Willkommen bei µlogger!"; $langSetup["disabledwarn"] = "Aus Sicherheitsgründen ist das Skript standardmäßig deaktiviert. Zum Aktivieren editiere die Datei 'scripts/setup.php' und setze die Variable %s am Anfang der Datei auf den Wert %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Zeile %s sollte den Wert %s enthalten."; -$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library."; -$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'."; $langSetup["dorestart"] = "Rufe das Skript erneut auf wenn das erledigt ist."; $langSetup["createconfig"] = "Bitte erstellt die Datei 'config.php' im Stammverzeichnis. Du kannst die Datei 'config.default.php' umbenennen oder kopieren. Stelle sicher, dass in der Datei die korrekten Einstellungen hinterlegt sind."; $langSetup["nodbsettings"] = "Die Verbindungsdaten zur Datenbank müssen in der Datei 'config.php' hinterlegt werden. (%s)"; // substitutes variable names diff --git a/lang/en.php b/lang/en.php index 19a10fa..4ace2e0 100644 --- a/lang/en.php +++ b/lang/en.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Unfortunately something has gone wrong. You may try $langSetup["welcome"] = "Welcome to µlogger!"; $langSetup["disabledwarn"] = "For security reasons this script is disabled by default. To enable it you must edit 'scripts/setup.php' file in text editor and set %s variable at the beginning of the file to %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Line: %s should read: %s"; -$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library."; -$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'."; $langSetup["dorestart"] = "Please restart this script when you are done."; $langSetup["createconfig"] = "Please create 'config.php' file in root folder. You may start by copying it from 'config.default.php'. Make sure that you adjust config values to match your needs and your database setup."; $langSetup["nodbsettings"] = "You must provide your database credentials in 'config.php' file (%s)."; // substitutes variable names diff --git a/lang/es.php b/lang/es.php index 88413ad..97dfffd 100644 --- a/lang/es.php +++ b/lang/es.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Unfortunately something has gone wrong. You may try $langSetup["welcome"] = "Welcome to µlogger!"; $langSetup["disabledwarn"] = "For security reasons this script is disabled by default. To enable it you must edit 'scripts/setup.php' file in text editor and set %s variable at the beginning of the file to %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Line: %s should read: %s"; -$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library."; -$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'."; $langSetup["dorestart"] = "Please restart this script when you are done."; $langSetup["createconfig"] = "Please create 'config.php' file in root folder. You may start by copying it from 'config.default.php'. Make sure that you adjust config values to match your needs and your database setup."; $langSetup["nodbsettings"] = "You must provide your database credentials in 'config.php' file (%s)."; // substitutes variable names diff --git a/lang/fr.php b/lang/fr.php index 32f390d..6a9e58e 100644 --- a/lang/fr.php +++ b/lang/fr.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Unfortunately something has gone wrong. You may try $langSetup["welcome"] = "Welcome to µlogger!"; $langSetup["disabledwarn"] = "For security reasons this script is disabled by default. To enable it you must edit 'scripts/setup.php' file in text editor and set %s variable at the beginning of the file to %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Line: %s should read: %s"; -$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library."; -$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'."; $langSetup["dorestart"] = "Please restart this script when you are done."; $langSetup["createconfig"] = "Please create 'config.php' file in root folder. You may start by copying it from 'config.default.php'. Make sure that you adjust config values to match your needs and your database setup."; $langSetup["nodbsettings"] = "You must provide your database credentials in 'config.php' file (%s)."; // substitutes variable names diff --git a/lang/hu.php b/lang/hu.php index 1e62484..290184d 100644 --- a/lang/hu.php +++ b/lang/hu.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Unfortunately something has gone wrong. You may try $langSetup["welcome"] = "Welcome to µlogger!"; $langSetup["disabledwarn"] = "For security reasons this script is disabled by default. To enable it you must edit 'scripts/setup.php' file in text editor and set %s variable at the beginning of the file to %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Line: %s should read: %s"; -$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library."; -$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'."; $langSetup["dorestart"] = "Please restart this script when you are done."; $langSetup["createconfig"] = "Please create 'config.php' file in root folder. You may start by copying it from 'config.default.php'. Make sure that you adjust config values to match your needs and your database setup."; $langSetup["nodbsettings"] = "You must provide your database credentials in 'config.php' file (%s)."; // substitutes variable names diff --git a/lang/it.php b/lang/it.php index f0ca53e..d2a39b6 100644 --- a/lang/it.php +++ b/lang/it.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Qualcosa è andato storto. Potresti trovare maggior $langSetup["welcome"] = "Benvenuto su µlogger!"; $langSetup["disabledwarn"] = "Per ragioni di sicurezza questo script è disabilitato di default. Per abilitarlo devi modificare il file 'scripts/setup.php' con un editor di testo ed impostare la variabile %s all'inizio del file in %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Linea: %s dovrebbe essere: %s"; -$langSetup["passfuncwarn"] = "La tua versione di PHP non supporta le funzioni per le password di PHP 5.5. Devi includere la libreria password_compat."; -$langSetup["passfunchack"] = "Modificare il file 'helpers/user.php' e decommentare la linea che include 'helpers/password.php'."; $langSetup["dorestart"] = "Riavviare lo script quando hai finito."; $langSetup["createconfig"] = "Creare il file 'config.php' nella cartella radice. Puoi cominciare copiando il file 'config.default.php'. Modifica i valori per renderli compatibili con il tuo database."; $langSetup["nodbsettings"] = "Devi provvedere le credenziali del database in 'config.php' (%s)."; // substitutes variable names diff --git a/lang/nl.php b/lang/nl.php index f73eb33..cea30c6 100644 --- a/lang/nl.php +++ b/lang/nl.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Unfortunately something has gone wrong. You may try $langSetup["welcome"] = "Welcome to µlogger!"; $langSetup["disabledwarn"] = "For security reasons this script is disabled by default. To enable it you must edit 'scripts/setup.php' file in text editor and set %s variable at the beginning of the file to %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Line: %s should read: %s"; -$langSetup["passfuncwarn"] = "Your PHP version does not support password functions that ship with PHP 5.5. You have to include password_compat library."; -$langSetup["passfunchack"] = "Please edit 'helpers/user.php' file and uncomment line including 'helpers/password.php'."; $langSetup["dorestart"] = "Please restart this script when you are done."; $langSetup["createconfig"] = "Please create 'config.php' file in root folder. You may start by copying it from 'config.default.php'. Make sure that you adjust config values to match your needs and your database setup."; $langSetup["nodbsettings"] = "You must provide your database credentials in 'config.php' file (%s)."; // substitutes variable names diff --git a/lang/pl.php b/lang/pl.php index 9b13abf..b18ea93 100644 --- a/lang/pl.php +++ b/lang/pl.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "Niestety coś poszło nie tak. Może znajdziesz wi $langSetup["welcome"] = "Witaj w µloggerze!"; $langSetup["disabledwarn"] = "Ze względów bezpieczeństwa ten skrypt jest domyślnie wyłączony. Aby go aktywować należy otworzyć plik 'scripts/setup.php' w edytorze tekstu i zmienić wartość zmiennej %s na początku pliku na %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Linia: %s powinna zostać zmieniona na: %s"; -$langSetup["passfuncwarn"] = "Zainstalowana wersja PHP nie zawiera funkcji obsługujących hasła, dostępnych od wersji PHP 5.5. Musisz włączyć bibliotekę 'password_compat'."; -$langSetup["passfunchack"] = "Otwórz proszę plik 'helpers/user.php' w edytorze tekstu i odkomentuj linię włączającą 'helpers/password.php'."; $langSetup["dorestart"] = "Uruchom ten skrypt ponownie, kiedy zakończysz."; $langSetup["createconfig"] = "Utwórz proszę plik 'config.php' w głównym folderze. Możesz skopiować jego początkową zawartość z pliku 'config.default.php'. Pamiętaj, żeby dostosować konfiguracje do swoich potrzeb i ustawień bazy danych."; $langSetup["nodbsettings"] = "Musisz skonfigurować parametry dostępu do bazy danych w pliku 'config.php' (%s)."; // substitutes variable names diff --git a/lang/ru.php b/lang/ru.php index 3dfd6de..9dc2c6c 100644 --- a/lang/ru.php +++ b/lang/ru.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "К сожалению что-то пошло не $langSetup["welcome"] = "Добро пожаловать в µlogger!"; $langSetup["disabledwarn"] = "По соображениям безопасности этот скрипт отключен по умолчанию. Чтобы включить его вы должны отредактировать файл 'scripts/setup.php' и задать значение переменной %s в начале файла как %s."; // substitutes variable name and value $langSetup["lineshouldread"] = "Строка: %s должна читать: %s"; -$langSetup["passfuncwarn"] = "Установленная версия PHP не поддерживает функции паролей доступные с PHP 5.5. Вы должны включить password_compat библиотеку."; -$langSetup["passfunchack"] = "Пожалуйста измените файл 'helpers/user.php' так, чтобы включить 'helpers/password.php'."; $langSetup["dorestart"] = "Пожалуйста перезапустите этот скрипт, когда закончите."; $langSetup["createconfig"] = "Пожалуйста создайте файл 'config.php' в корневой директории. Вы можете просто скопировать его с 'config.default.php' и задать ваши параметры для доступа к вашей базе данных."; $langSetup["nodbsettings"] = "Вам нужно сконфигурировать доступ к вашей базе данных в 'config.php' (%s)."; // substitutes variable names diff --git a/lang/zh.php b/lang/zh.php index c48834c..1b397a5 100644 --- a/lang/zh.php +++ b/lang/zh.php @@ -34,8 +34,6 @@ $langSetup["setupfailed"] = "很不幸,出現了一些錯誤。您可以在網 $langSetup["welcome"] = "歡迎來到µlogger!"; $langSetup["disabledwarn"] = "由於安全原因這個腳本默認時禁用的。要啟用它,您可以通過編輯 'scripts/setup.php' 把檔案開始部分 %s 的值設置為 %s。"; // substitutes variable name and value $langSetup["lineshouldread"] = "行: %s 應該修改為: %s"; -$langSetup["passfuncwarn"] = "您的PHP版本不支援PHP 5.5自帶的密碼函數。您需要引入額外的密碼適配庫。"; -$langSetup["passfunchack"] = "請編輯 'helpers/user.php' 這個檔案,取消引入'helpers/password.php'這一行的注釋。"; $langSetup["dorestart"] = "完成後請重新執行本腳本。"; $langSetup["createconfig"] = "請在項目根目錄創建 'config.php' 檔案。 您可以將'config.default.php'複製為'config.php'。請記得修改裡面的數據庫配置和其他你想要修改的項目。"; $langSetup["nodbsettings"] = "您必須在'config.php' file (%s) 中提供你的數據庫鏈接資料。"; // substitutes variable names diff --git a/scripts/setup.php b/scripts/setup.php index 1089a7e..7773a80 100644 --- a/scripts/setup.php +++ b/scripts/setup.php @@ -25,8 +25,8 @@ $enabled = false; /* no user modifications should be needed below */ /** @noinspection ConstantCanBeUsedInspection */ -if (version_compare(PHP_VERSION, "5.4.0", "<")) { - die("Sorry, ulogger will not work with PHP version lower than 5.4 (you have " . PHP_VERSION . ")"); +if (version_compare(PHP_VERSION, "5.5.0", "<")) { + die("Sorry, ulogger will not work with PHP version lower than 5.5 (you have " . PHP_VERSION . ")"); } define("ROOT_DIR", dirname(__DIR__)); @@ -112,14 +112,6 @@ switch ($command) { $messages[] = "
"; break; } - if (!function_exists("password_hash")) { - $messages[] = $langSetup["passfuncwarn"]; - $messages[] = $langSetup["passfunchack"]; - $messages[] = sprintf($langSetup["lineshouldread"], "
//require_once(ROOT_DIR . \"/helpers/password.php\");
", "
require_once(ROOT_DIR . \"/helpers/password.php\");"); - $messages[] = $langSetup["dorestart"]; - $messages[] = "
"; - break; - } if (!uConfig::isFileLoaded()) { $messages[] = $langSetup["createconfig"]; $messages[] = $langSetup["dorestart"];