[BUGFIX] Reports: Wrong indication for saltedpasswords
authorMarkus Klein <klein.t3@mfc-linz.at>
Sun, 15 Apr 2012 08:55:23 +0000 (10:55 +0200)
committerSteffen Gebert <steffen.gebert@typo3.org>
Sun, 15 Apr 2012 14:29:47 +0000 (16:29 +0200)
The reports module shows a wrong status indication for saltedpasswords
if it is configured to forceSalted.

Change-Id: I7cb87cafb9867a45846ec8bb1e636000ffbaebbb
Fixes: #36093
Releases: 6.0, 4.7, 4.6, 4.5
Reviewed-on: http://review.typo3.org/10522
Reviewed-by: Stefan Galinski
Tested-by: Stefan Galinski
Reviewed-by: Steffen Gebert
Tested-by: Steffen Gebert
typo3/sysext/reports/reports/status/class.tx_reports_reports_status_securitystatus.php

index f2e0761..0af5dfe 100644 (file)
@@ -276,10 +276,12 @@ class tx_reports_reports_status_SecurityStatus implements tx_reports_StatusProvi
                                $severity = tx_reports_reports_status_Status::ERROR;
                                $messageDetail .= $flashMessage;
                        }
-                       if (strpos($flashMessage, 'message-warning') !== FALSE ||
-                               strpos($flashMessage, 'message-information') !== FALSE) {
+                       if (strpos($flashMessage, 'message-warning') !== FALSE) {
                                $severity = tx_reports_reports_status_Status::WARNING;
-                               $message .= $flashMessage;
+                               $messageDetail .= $flashMessage;
+                       }
+                       if (strpos($flashMessage, 'message-information') !== FALSE) {
+                               $messageDetail .= $flashMessage;
                        }
 
                        $unsecureUserCount = tx_saltedpasswords_div::getNumberOfBackendUsersWithInsecurePassword();