Dotclear


Ignore:
Timestamp:
12/19/17 17:27:59 (8 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
default
Message:

Use PHP 5.5+ new password functions, closes #2182

Warnings:

  • $core->auth->crypt($pwd) doesn't return twice the same result for a single $pwd, so if you need this old behaviour use the $core->auth->cryptLegacy($pwd) instead.
  • $core->auth->checkPassword($pwd) must be used with an uncrypted password string as argument.
  • if you need a unique UID/key, use http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->cryptLegacy($core->auth->userID())). (may be refined in future)
File:
1 edited

Legend:

Unmodified
Added
Removed

  • plugins/antispam/inc/lib.dc.antispam.php

    r3231 r3627  
    134134          $code = 
    135135          pack('a32',$core->auth->userID()). 
    136           pack('H*',$core->auth->crypt($core->auth->getInfo('user_pwd'))); 
     136          pack('H*',$core->auth->cryptLegacy($core->auth->getInfo('user_pwd'))); 
    137137          return bin2hex($code); 
    138138     } 
     
    161161          } 
    162162 
    163           if ($core->auth->crypt($rs->user_pwd) != $pwd) { 
     163          if ($core->auth->cryptLegacy($rs->user_pwd) != $pwd) { 
    164164               return false; 
    165165          } 
Note: See TracChangeset for help on using the changeset viewer.

Sites map