From d4dca43453a7a9e798c208cbb89ee09616381dde Mon Sep 17 00:00:00 2001
From: Andreas Gohr <andi@splitbrain.org>
Date: Fri, 16 Mar 2012 11:11:15 +0100
Subject: fixed error in bcrypt password method

---
 _test/cases/inc/auth_password.test.php | 4 ++++
 inc/PassHash.class.php                 | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/_test/cases/inc/auth_password.test.php b/_test/cases/inc/auth_password.test.php
index 394f0b2f5..d4a4d2bdb 100644
--- a/_test/cases/inc/auth_password.test.php
+++ b/_test/cases/inc/auth_password.test.php
@@ -54,6 +54,10 @@ class auth_password_test extends UnitTestCase {
         $this->assertTrue(auth_verifyPassword('foobcrypt',$hash));
     }
 
+    function test_verifyPassword_fixedbcrypt(){
+        $this->assertTrue(auth_verifyPassword('foobcrypt','$2a$12$uTWercxbq4sjp2xAzv3we.ZOxk51m5V/Bv5bp2H27oVFJl5neFQoC'));
+    }
+
     function test_verifyPassword_nohash(){
         $this->assertTrue(auth_verifyPassword('foo','$1$$n1rTiFE0nRifwV/43bVon/'));
     }
diff --git a/inc/PassHash.class.php b/inc/PassHash.class.php
index 2558f37c6..0521ee305 100644
--- a/inc/PassHash.class.php
+++ b/inc/PassHash.class.php
@@ -427,7 +427,7 @@ class PassHash {
                     $this->gen_salt(22);
         }
 
-        return crypt($password, $salt);
+        return crypt($clear, $salt);
     }
 
 }
-- 
cgit v1.2.3