iarv/Piwigo
1
0
Fork 0
mirror of https://github.com/Piwigo/Piwigo.git synced 2026-03-28 17:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

feature 2727: improve password security with the use of PasswordHash class.

Browse Source 
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.

$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']


git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall
2012-11-02 13:59:07 +00:00
parent 805ce4bb02
commit a73846717f
8 changed files with 378 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
password.php
View File

@@ -221,7 +221,7 @@ function reset_password()
single_update(
USERS_TABLE,
array($conf['user_fields']['password'] => $conf['pass_convert']($_POST['use_new_pwd'])),
array($conf['user_fields']['password'] => $conf['password_hash']($_POST['use_new_pwd'])),
array($conf['user_fields']['id'] => $user_id)
);