bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2024-12-26 08:50:13 +01:00
Code Issues Packages Projects Releases Wiki Activity

Added salt to crypt()

Browse Source 
Signed-off-by: Janos SUTO <sj@acts.hu>
This commit is contained in:
Janos SUTO 2018-09-09 16:15:49 +00:00
parent eae385616f
commit 6eaa70d991
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
webui/model/user/auth.php
View File

@ -576,7 +576,8 @@ class ModelUserAuth extends Model {
public function change_password($username = '', $password = '') { public function change_password($username = '', $password = '') {
if($username == "" || $password == ""){ return 0; } if($username == "" || $password == ""){ return 0; }
$query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=(SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)", array(crypt($password), $username)); $query = $this->db->query("UPDATE " . TABLE_USER . " SET password=? WHERE uid=(SELECT uid FROM " . TABLE_EMAIL . " WHERE email=?)",
array(crypt($password, '$6$' . generate_random_string()), $username));
$rc = $this->db->countAffected(); $rc = $this->db->countAffected();

2
webui/model/user/user.php
View File

@ -350,7 +350,7 @@ class ModelUserUser extends Model {
return $user['username']; return $user['username'];
} }
$encrypted_password = crypt($user['password']); $encrypted_password = crypt($user['password'], '$6$' . generate_random_string());
$samaccountname = ''; $samaccountname = '';
if(isset($user['samaccountname'])) { $samaccountname = $user['samaccountname']; } if(isset($user['samaccountname'])) { $samaccountname = $user['samaccountname']; }