Changeset 3627:9bccfc2257ad for admin/user.php

Timestamp:

12/19/17 17:27:59 (8 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Use PHP 5.5+ new password functions, closes #2182

Warnings:

$core->auth->crypt($pwd) doesn't return twice the same result for a single $pwd, so if you need this old behaviour use the $core->auth->cryptLegacy($pwd) instead.
$core->auth->checkPassword($pwd) must be used with an uncrypted password string as argument.
if you need a unique UID/key, use http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->cryptLegacy($core->auth->userID())). (may be refined in future)

File:

admin/user.php

r3421	r3627
72	72	try
73	73	{
74		if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($~~core->auth->crypt($_POST['your_pwd'])~~)) {
	74	if (empty($_POST['your_pwd']) \|\| !$core->auth->checkPassword($_POST['your_pwd'])) {
75	75	throw new Exception(__('Password verification failed'));
76	76	}

Note: See TracChangeset for help on using the changeset viewer.