From db95fe6485f13c0041bbafbb0004b171cd9122e7 Mon Sep 17 00:00:00 2001
From: Jan-Philipp Litza
Date: Wed, 12 Dec 2012 02:31:54 +0100
Subject: new authentication framework with stronger passwords and real salts - please proofread!
---
 includes/pages/admin_user.php | 2 +-
 includes/pages/guest_login.php | 11 +++++------
 includes/pages/user_settings.php | 30 +++++++++---------------------
 3 files changed, 15 insertions(+), 28 deletions(-)
 (limited to 'includes/pages')
diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php
index 3c26062b..d9f5d749 100644
--- a/includes/pages/admin_user.php
+++ b/includes/pages/admin_user.php
@@ -240,7 +240,7 @@ function admin_user() {
 case 'change_pw' :
 if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) {
- sql_query("UPDATE `User` SET `Passwort`='" . sql_escape(PassCrypt($_REQUEST['new_pw'])) . "' WHERE `UID`=" . sql_escape($id) . " LIMIT 1");
+ set_password($id, $_REQUEST['new_pw']);
 $html .= success("Passwort neu gesetzt.", true);
 } else {
 $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true);
diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php
index c75327de..db479388 100644
--- a/includes/pages/guest_login.php
+++ b/includes/pages/guest_login.php
@@ -71,10 +71,8 @@ function guest_register() {
 }
 }
- if (isset ($_REQUEST['password']) && strlen($_REQUEST['password']) >= 6) {
- if ($_REQUEST['password'] == $_REQUEST['password2']) {
- $password_hash = PassCrypt($_REQUEST['password']);
- } else {
+ if (isset ($_REQUEST['password']) && strlen($_REQUEST['password']) >= MIN_PASSWORD_LENGTH) {
+ if ($_REQUEST['password'] != $_REQUEST['password2']) {
 $ok = false;
 $msg .= error(Get_Text("makeuser_error_password1"), true);
 }
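Review bot: The return value of `set_password($id, $_REQUEST['new_pw'])` is discarded, so "Passwort neu gesetzt." is reported even when the update fails; the user_settings hunk in this same commit branches on that return value, and the guest_register INSERT hunk (@@ -112) ignores it in the same way. A minimal fix is `if (set_password($id, $_REQUEST['new_pw'])) $html .= success("Passwort neu gesetzt.", true); else $html .= error("Passwort konnte nicht gesetzt werden.", true);`. The admin path also still only checks `!= ""`, while guest_register and user_settings enforce `MIN_PASSWORD_LENGTH`, so an admin-set one-character password bypasses the new minimum. admin_user's switch continues outside the hunk.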
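Review bot: The `$password_hash = PassCrypt(...)` assignment is removed here, but the INSERT in the next hunk of this file (@@ -112) still interpolates `$password_hash` into the `Passwort` column, so the variable is now undefined: PHP raises a notice and the row is created with an empty hash until `set_password()` runs a few lines later. Either drop the `Passwort` column from that INSERT or keep an explicit placeholder with a comment such as `// Passwort is written by set_password() once the row exists`. Should `set_password()` fail there, the account would keep that empty value and no error is reported. guest_register's validation block continues outside the hunk.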
@@ -112,9 +110,10 @@ function guest_register() {
 "', `email`='" . sql_escape($mail) . "', `ICQ`='" . sql_escape($icq) . "', `jabber`='" . sql_escape($jabber) . "', `Size`='" . sql_escape($tshirt_size) . "', `Passwort`='" . sql_escape($password_hash) . "', `kommentar`='" . sql_escape($comment) . "', `Hometown`='" . sql_escape($hometown) . "', `CreateDate`=NOW(), `Sprache`='" . sql_escape($_SESSION["Sprache"]) . "'");
- // Assign user-group
+ // Assign user-group and set password
 $user_id = sql_id();
 sql_query("INSERT INTO `UserGroups` SET `uid`=" . sql_escape($user_id) . ", `group_id`=-2");
+ set_password($user_id, $_REQUEST['password']);
 // Assign angel-types
 foreach ($selected_angel_types as $selected_angel_type_id)
@@ -176,7 +175,7 @@ function guest_login() {
 if (count($login_user) > 0) {
 $login_user = $login_user[0];
 if (isset ($_REQUEST['password'])) {
- if ($login_user['Passwort'] != PassCrypt($_REQUEST['password'])) {
+ if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
 $ok = false;
 $msg .= error(Get_Text("pub_index_pass_no_ok"), true);
 }
diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php
index 5ea4af27..cfeb38cf 100644
--- a/includes/pages/user_settings.php
+++ b/includes/pages/user_settings.php
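Review bot: The password is read from `$_REQUEST`, which also accepts the query string and cookies, so a credential that arrives via GET ends up in access logs, proxy logs and browser history; if the login form posts its fields, `$_POST['password']` is the right source here (the same applies to `new_pw` in admin_user and to `password`/`new_password` in guest_register and user_settings). The third argument `$login_user['UID']` suggests `verify_password()` does more than compare — presumably rewriting a legacy `PassCrypt` hash for that user on a successful login — and that side effect is worth a comment at this call site, since it is not visible from the hunk, e.g. `// verify_password() may rewrite the stored hash for this UID — see its definition`. guest_login continues outside the hunk.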
@@ -114,29 +114,17 @@ function user_settings() {
 elseif (isset ($_REQUEST['submit_password'])) {
 $ok = true;
- if (!isset ($_REQUEST['password']) || $user['Passwort'] != PassCrypt($_REQUEST['password'])) {
- $ok = false;
+ if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID']))
 $msg .= error(Get_Text(30), true);
- }
-
- if (isset ($_REQUEST['new_password']) && strlen($_REQUEST['new_password']) >= 6) {
- if ($_REQUEST['new_password'] == $_REQUEST['new_password2']) {
- $password_hash = PassCrypt($_REQUEST['new_password']);
- } else {
- $ok = false;
- $msg .= error(Get_Text("makeuser_error_password1"), true);
- }
- } else {
- $ok = false;
- $msg .= error(Get_Text("makeuser_error_password2"), true);
- }
-
- if ($ok) {
- sql_query("UPDATE `User` SET `Passwort`='" . sql_escape($password_hash) . "' WHERE `UID`=" . sql_escape($user['UID']));
-
+ elseif (strlen($_REQUEST['new_password']) <= MIN_PASSWORD_LENGTH)
+ $msg .= error(Get_Text("makeuser_error_password2"));
+ elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2'])
+ $msg .= error(Get_Text("makeuser_error_password1"), true);
+ elseif(set_password($user['UID'], $_REQUEST['new_password']))
 success("Password saved.");
- redirect(page_link_to('user_settings'));
- }
+ else
+ error("Failed setting password.");
+ redirect(page_link_to('user_settings'));
 } elseif (isset ($_REQUEST['submit_theme'])) {
 $ok = true;
-- cgit v1.2.3-54-g00ecf
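Review bot: The three validation branches append their message to `$msg` and then fall through to the now-unconditional `redirect(page_link_to('user_settings'))`, so the user never sees why the change was rejected; the removed code only redirected when `$ok` was true. The length check is also off by one — `strlen(...) <= MIN_PASSWORD_LENGTH` rejects a password of exactly the minimum length, while guest_register in this same commit accepts `>= MIN_PASSWORD_LENGTH` — and `$_REQUEST['new_password']` is read without the `isset()` the old code had, so a missing field raises a notice. The `makeuser_error_password2` call dropped the second argument `true` that every other `$msg .= error(...)` in the file passes, and `$ok = true;` is now dead. Keeping the `$ok` flag and redirecting only on success restores the previous behaviour; one way to write it is below.
```php
elseif (isset ($_REQUEST['submit_password'])) {
    $ok = true;
    if (!isset ($_REQUEST['password']) || !verify_password($_REQUEST['password'], $user['Passwort'], $user['UID'])) {
        $ok = false;
        $msg .= error(Get_Text(30), true);
    } elseif (!isset ($_REQUEST['new_password']) || strlen($_REQUEST['new_password']) < MIN_PASSWORD_LENGTH) {
        $ok = false;
        $msg .= error(Get_Text("makeuser_error_password2"), true);
    } elseif ($_REQUEST['new_password'] != $_REQUEST['new_password2']) {
        $ok = false;
        $msg .= error(Get_Text("makeuser_error_password1"), true);
    }

    if ($ok) {
        if (set_password($user['UID'], $_REQUEST['new_password']))
            success("Password saved.");
        else
            error("Failed setting password.");
        redirect(page_link_to('user_settings'));
    }
    // … unchanged: closing brace and the following `elseif (isset ($_REQUEST['submit_theme']))` branch …
```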