diff options
author | msquare <msquare@notrademark.de> | 2017-12-26 10:29:16 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-12-26 10:29:16 +0100 |
commit | de61c88d6de67d12d5de5b6dd0ab6b8c82e5a290 (patch) | |
tree | aac6a43cb88e3d803da5809ab37885b41bc811c6 /includes/sys_auth.php | |
parent | 879918864a9c6da0fe9be1aca6c443ec8df0afc3 (diff) | |
parent | f8d0a7c5b00a58c646871e355b5876dcc5890be5 (diff) |
Merge pull request #388 from MyIgel/master
Formatting, Docstrings, and fixup
Diffstat (limited to 'includes/sys_auth.php')
-rw-r--r-- | includes/sys_auth.php | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 4242261b..91edca77 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -87,18 +87,22 @@ function verify_password($password, $salt, $uid = null) { $crypt_alg = config('crypt_alg'); $correct = false; - if (substr($salt, 0, 1) == '$') { // new-style crypt() + if (substr($salt, 0, 1) == '$') { + // new-style crypt() $correct = crypt($password, $salt) == $salt; - } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore + } elseif (substr($salt, 0, 7) == '{crypt}') { + // old-style crypt() with DES and static salt - not used anymore $correct = crypt($password, '77') == $salt; - } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore + } elseif (strlen($salt) == 32) { + // old-style md5 without salt - not used anymore $correct = md5($password) == $salt; } if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && intval($uid)) { // this password is stored in another format than we want it to be. // let's update it! - // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash + // we duplicate the query from the above set_password() function to have the extra safety of checking + // the old hash DB::update(' UPDATE `User` SET `Passwort` = ? |