Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatic password hashing should be optional. #68

Open
justinhernandez opened this issue Jan 22, 2010 · 3 comments
Open

Automatic password hashing should be optional. #68

justinhernandez opened this issue Jan 22, 2010 · 3 comments

Comments

@justinhernandez
Copy link

sprig.php line 470

if (isset($field->hash_with) AND $changed)
{
$changed = call_user_func($field->hash_with, $changed);
}

should be changed to this

if (isset($field->hash_with) AND $changed)
{
if ($field->hash_with !== FALSE)
$changed = call_user_func($field->hash_with, $changed);
}
@banks
Copy link

banks commented Jan 23, 2010

Why?

If you don't want it, set it to NULL. A NULL value by definition fails isset().

@justinhernandez
Copy link
Author

Yeah NULL will work. Just thought FALSE would be more in line with the rest of the options. I don't think auto hashing should be set by default. It's a good option to have but it can be confusing when approaching sprig for the first time.

@HNygard
Copy link

HNygard commented Feb 17, 2010

What if you just don't define hash_with? This will make the isset() fail and accordingly not hash the field.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@justinhernandez @banks @HNygard