diff options
| author | andi <andi@splitbrain.org> | 2005-05-13 17:22:48 +0200 |
|---|---|---|
| committer | andi <andi@splitbrain.org> | 2005-05-13 17:22:48 +0200 |
| commit | b0855b1105f25b1fbd686606588297104def6d3c (patch) | |
| tree | bcc864d497dfb88d422936af94f5cf40da1daec7 /inc/auth_plain.php | |
| parent | b000c6d4d26cd8f0e24a02811dac7080f3288cb4 (diff) | |
| download | rpg-b0855b1105f25b1fbd686606588297104def6d3c.tar.gz rpg-b0855b1105f25b1fbd686606588297104def6d3c.tar.bz2 | |
multiple hash methods for passwords
This patch allows the method for hashing (onewaycrypting) the user passwords to
be set with $conf['passcrypt']. Available are MD5, salted MD5, SHA1 salted SHA1 (SSHA)
and the old Unix crypt (2 char seed).
This change was inspired by a mail from Chris Brotherton (thanks for making me think about this)
darcs-hash:20050513152248-9977f-2358b26449ed865a981c8558308a2857ba17c12f.gz
Diffstat (limited to 'inc/auth_plain.php')
| -rw-r--r-- | inc/auth_plain.php | 11 |
1 files changed, 4 insertions, 7 deletions
diff --git a/inc/auth_plain.php b/inc/auth_plain.php index 6bc666802..55e1fa9f6 100644 --- a/inc/auth_plain.php +++ b/inc/auth_plain.php @@ -26,13 +26,10 @@ if(isset($_REQUEST['u'])) */ function auth_checkPass($user,$pass){ $users = auth_plain_loadUserData(); - $pass = md5($pass); //encode pass - if($users[$user]['pass'] == $pass){ - return true; - }else{ - return false; - } + if(!isset($users[$user])) return false; + + return auth_verifyPassword($pass,$users[$user]['pass']); } /** @@ -71,7 +68,7 @@ function auth_createUser($user,$pass,$name,$mail){ if(isset($users[$user])) return false; $userline = join(':',array($user, - md5($pass), + auth_cryptPassword($pass), $name, $mail, $conf['defaultgroup'])); |