diff options
author | Bot <bot@myigel.name> | 2017-12-25 23:12:52 +0100 |
---|---|---|
committer | Igor Scheller <igor.scheller@igorshp.de> | 2017-12-25 23:51:15 +0100 |
commit | 952c7892f3ac7bfadf8419062e44ff1af66ecc57 (patch) | |
tree | 69a85e8e4719801a064b8fa2d521fe000f959cd5 /includes/sys_auth.php | |
parent | 879918864a9c6da0fe9be1aca6c443ec8df0afc3 (diff) |
Formatting & Docstrings
Diffstat (limited to 'includes/sys_auth.php')
-rw-r--r-- | includes/sys_auth.php | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 4242261b..91edca77 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -87,18 +87,22 @@ function verify_password($password, $salt, $uid = null) { $crypt_alg = config('crypt_alg'); $correct = false; - if (substr($salt, 0, 1) == '$') { // new-style crypt() + if (substr($salt, 0, 1) == '$') { + // new-style crypt() $correct = crypt($password, $salt) == $salt; - } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore + } elseif (substr($salt, 0, 7) == '{crypt}') { + // old-style crypt() with DES and static salt - not used anymore $correct = crypt($password, '77') == $salt; - } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore + } elseif (strlen($salt) == 32) { + // old-style md5 without salt - not used anymore $correct = md5($password) == $salt; } if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && intval($uid)) { // this password is stored in another format than we want it to be. // let's update it! - // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash + // we duplicate the query from the above set_password() function to have the extra safety of checking + // the old hash DB::update(' UPDATE `User` SET `Passwort` = ? |