kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Fix invocations of password_hash()

This commit is contained in:
Kienan Stewart 2018-04-15 22:00:16 -04:00
parent 971e38778f
commit a609984d39
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bureau/class/m_admin.php
View File

@ -634,7 +634,7 @@ class m_admin {
$msg->raise("ERROR", "admin", _("Login can only contains characters a-z, 0-9 and -")); $msg->raise("ERROR", "admin", _("Login can only contains characters a-z, 0-9 and -"));
return false; return false;
} }
$pass = password_hash($pass); $pass = password_hash($pass, PASSWORD_BCRYPT);
$db = new DB_System(); $db = new DB_System();
// Already exist? // Already exist?
$db->query("SELECT count(*) AS cnt FROM membres WHERE login= ?;", array($login)); $db->query("SELECT count(*) AS cnt FROM membres WHERE login= ?;", array($login));
@ -772,7 +772,7 @@ class m_admin {
$db = new DB_System(); $db = new DB_System();
if ($pass) { if ($pass) {
$pass = password_hash($pass); $pass = password_hash($pass, PASSWORD_BCRYPT);
$second_query = "UPDATE membres SET mail= ?, canpass= ?, enabled= ?, `type`= ?, notes= ? , pass = ? WHERE uid= ?;"; $second_query = "UPDATE membres SET mail= ?, canpass= ?, enabled= ?, `type`= ?, notes= ? , pass = ? WHERE uid= ?;";
$second_query_args = array($mail, $canpass, $enabled, $type, $notes, $pass, $uid); $second_query_args = array($mail, $canpass, $enabled, $type, $notes, $pass, $uid);
} else { } else {

4
bureau/class/m_mem.php
View File

@ -108,7 +108,7 @@ class m_mem {
// with password_hash(). // with password_hash().
if (strncmp($db->f('pass'), '$1$', 3) == 0) { if (strncmp($db->f('pass'), '$1$', 3) == 0) {
$db->query("update membres set pass = ? where uid = ?", $db->query("update membres set pass = ? where uid = ?",
array(password_hash($password), $cuid)); array(password_hash($password, PASSWORD_BCRYPT), $cuid));
} }
if (panel_islocked() && $cuid != 2000) { if (panel_islocked() && $cuid != 2000) {
@ -416,7 +416,7 @@ class m_mem {
if (!$admin->checkPolicy("mem", $login, $newpass)) { if (!$admin->checkPolicy("mem", $login, $newpass)) {
return false; // The error has been raised by checkPolicy() return false; // The error has been raised by checkPolicy()
} }
$newpass = password_hash($newpass); $newpass = password_hash($newpass, PASSWORD_BCRYPT);
$db->query("UPDATE membres SET pass= ? WHERE uid= ?;", array($newpass, $cuid)); $db->query("UPDATE membres SET pass= ? WHERE uid= ?;", array($newpass, $cuid));
$msg->init_msgs(); $msg->init_msgs();
return true; return true;