Added salt to crypt()

Signed-off-by: Janos SUTO <sj@acts.hu>
This commit is contained in:
Janos SUTO 2018-09-09 16:15:49 +00:00
parent eae385616f
commit 6eaa70d991
2 changed files with 3 additions and 2 deletions

View File

@ -576,7 +576,8 @@ class ModelUserAuth extends Model {
public function change_password($username = '', $password = '') {
if($username == "" || $password == ""){ return 0; }
$query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=(SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)", array(crypt($password), $username));
$query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=(SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)",
array(crypt($password, '$6$' . generate_random_string()), $username));
$rc = $this->db->countAffected();

View File

@ -350,7 +350,7 @@ class ModelUserUser extends Model {
return $user['username'];
}
$encrypted_password = crypt($user['password']);
$encrypted_password = crypt($user['password'], '$6$' . generate_random_string());
$samaccountname = '';
if(isset($user['samaccountname'])) { $samaccountname = $user['samaccountname']; }