[BUGFIX] Confusing error message in reports module
authorMarkus Klein <klein.t3@mfc-linz.at>
Sun, 18 Dec 2011 04:48:51 +0000 (22:48 -0600)
committerGeorg Ringer <mail@ringerge.org>
Sun, 12 Feb 2012 09:19:57 +0000 (10:19 +0100)
The saltedpasswords status report shows "INSECURE" warnings
although the configuration is totally fine.

Change-Id: I58c5487ea589e38c58cf39511960ecfb91ffed59
Fixes: #32650
Releases: 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/8895
Reviewed-by: Georg Ringer
Tested-by: Georg Ringer
typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php
typo3/sysext/saltedpasswords/classes/class.tx_saltedpasswords_emconfhelper.php

index 404e4e9..20ca51e 100644 (file)
@@ -258,14 +258,16 @@ class tx_reports_reports_status_SecurityStatus implements tx_reports_StatusProvi
                        $messageDetail = '';
                        $flashMessage = $configCheck->checkConfigurationBackend(array(), new t3lib_tsStyleConfig());
 
-                       if (strpos($flashMessage, 'message-error') !== FALSE ||
-                               strpos($flashMessage, 'message-warning') !== FALSE ||
-                               strpos($flashMessage, 'message-information') !== FALSE
-                       ) {
-                               $value    = $GLOBALS['LANG']->getLL('status_insecure');
+                       if (strpos($flashMessage, 'message-error') !== FALSE) {
+                               $value = $GLOBALS['LANG']->getLL('status_insecure');
                                $severity = tx_reports_reports_status_Status::ERROR;
                                $messageDetail .= $flashMessage;
                        }
+                       if (strpos($flashMessage, 'message-warning') !== FALSE ||
+                               strpos($flashMessage, 'message-information') !== FALSE) {
+                               $severity = tx_reports_reports_status_Status::WARNING;
+                               $message .= $flashMessage;
+                       }
 
                        $unsecureUserCount = tx_saltedpasswords_div::getNumberOfBackendUsersWithInsecurePassword();
                        if ($unsecureUserCount > 0) {
index 84c1a57..476e43a 100644 (file)
@@ -235,7 +235,7 @@ EOT;
                        }
                                // forceSalted is set
                        if ($extConf['forceSalted'] && !$extConf['onlyAuthService']) {
-                               $this->setErrorLevel('warning');
+                               $this->setErrorLevel('info');
                                $problems[] = <<< EOT
 SaltedPasswords has been configured to enforce salted passwords (forceSalted).
 <br />
@@ -265,7 +265,7 @@ EOT;
 
                } else {
                        // not enabled warning
-                       $this->setErrorLevel('info');
+                       $this->setErrorLevel('error');
                        $problems[] = 'SaltedPasswords has been disabled for backend users.';
                }