Dotclear


Ignore:
Timestamp:
12/19/17 17:27:59 (8 years ago)
Author:
franck <carnet.franck.paul@…>
Branch:
default
Message:

Use PHP 5.5+ new password functions, closes #2182

Warnings:

  • $core->auth->crypt($pwd) doesn't return twice the same result for a single $pwd, so if you need this old behaviour use the $core->auth->cryptLegacy($pwd) instead.
  • $core->auth->checkPassword($pwd) must be used with an uncrypted password string as argument.
  • if you need a unique UID/key, use http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->cryptLegacy($core->auth->userID())). (may be refined in future)
File:
1 edited

Legend:

Unmodified
Added
Removed

  • inc/admin/actions/class.dcactionblogs.php

    r3403 r3627  
    155155          } 
    156156 
    157           if (!$core->auth->checkPassword($core->auth->crypt($_POST['pwd']))) { 
     157          if (!$core->auth->checkPassword($_POST['pwd'])) { 
    158158               throw new Exception(__('Password verification failed')); 
    159159          } 
Note: See TracChangeset for help on using the changeset viewer.

Sites map