Changeset 3627:9bccfc2257ad for admin/users_actions.php

Timestamp:

12/19/17 17:27:59 (8 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Use PHP 5.5+ new password functions, closes #2182

Warnings:

$core->auth->crypt($pwd) doesn't return twice the same result for a single $pwd, so if you need this old behaviour use the $core->auth->cryptLegacy($pwd) instead.
$core->auth->checkPassword($pwd) must be used with an uncrypted password string as argument.
if you need a unique UID/key, use http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->cryptLegacy($core->auth->userID())). (may be refined in future)

File:

admin/users_actions.php

r3183	r3627
97	97	try
98	98	{
99		if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($~~core->auth->crypt($_POST['your_pwd'])~~)) {
	99	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($_POST['your_pwd'])) {
100	100	throw new Exception(__('Password verification failed'));
101	101	}

Note: See TracChangeset for help on using the changeset viewer.