From db95fe6485f13c0041bbafbb0004b171cd9122e7 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza <janphilipp@litza.de>
Date: Wed, 12 Dec 2012 02:31:54 +0100
Subject: new authentication framework with stronger passwords and real salts -
 please proofread!

---
 includes/pages/admin_user.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'includes/pages/admin_user.php')

diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 3c26062b..d9f5d749 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -240,7 +240,7 @@ function admin_user() {
 
         case 'change_pw' :
           if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
-            sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+            set_password($id, $_REQUEST['new_pw']);
             $html .= success("Passwort neu gesetzt.", true);
           } else {
             $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
-- 
cgit v1.2.3-54-g00ecf