[BUGFIX] Reports: Wrong indication for saltedpasswords
authorMarkus Klein <klein.t3@mfc-linz.at>
Sun, 15 Apr 2012 08:55:23 +0000 (10:55 +0200)
committerStefan Galinski <stefan.galinski@gmail.com>
Fri, 29 Jun 2012 08:55:13 +0000 (10:55 +0200)
The reports module shows a wrong status indication for saltedpasswords
if it is configured to forceSalted.

Change-Id: I4621065e8a62a570ba162e340b4e90ea15222423
Fixes: #36093
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10548
Reviewed-by: Philipp Gampe
Reviewed-by: Stefan Neufeind
Reviewed-by: Oliver Klee
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php

index 20ca51e..7e72114 100644 (file)
@@ -263,10 +263,12 @@ class tx_reports_reports_status_SecurityStatus implements tx_reports_StatusProvi
                                $severity = tx_reports_reports_status_Status::ERROR;
                                $messageDetail .= $flashMessage;
                        }
-                       if (strpos($flashMessage, 'message-warning') !== FALSE ||
-                               strpos($flashMessage, 'message-information') !== FALSE) {
+                       if (strpos($flashMessage, 'message-warning') !== FALSE) {
                                $severity = tx_reports_reports_status_Status::WARNING;
-                               $message .= $flashMessage;
+                               $messageDetail .= $flashMessage;
+                       }
+                       if (strpos($flashMessage, 'message-information') !== FALSE) {
+                               $messageDetail .= $flashMessage;
                        }
 
                        $unsecureUserCount = tx_saltedpasswords_div::getNumberOfBackendUsersWithInsecurePassword();