From 952c7892f3ac7bfadf8419062e44ff1af66ecc57 Mon Sep 17 00:00:00 2001 From: Bot Date: Mon, 25 Dec 2017 23:12:52 +0100 Subject: Formatting & Docstrings --- includes/sys_auth.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'includes/sys_auth.php') diff --git a/includes/sys_auth.php b/includes/sys_auth.php index 4242261b..91edca77 100644 --- a/includes/sys_auth.php +++ b/includes/sys_auth.php @@ -87,18 +87,22 @@ function verify_password($password, $salt, $uid = null) { $crypt_alg = config('crypt_alg'); $correct = false; - if (substr($salt, 0, 1) == '$') { // new-style crypt() + if (substr($salt, 0, 1) == '$') { + // new-style crypt() $correct = crypt($password, $salt) == $salt; - } elseif (substr($salt, 0, 7) == '{crypt}') { // old-style crypt() with DES and static salt - not used anymore + } elseif (substr($salt, 0, 7) == '{crypt}') { + // old-style crypt() with DES and static salt - not used anymore $correct = crypt($password, '77') == $salt; - } elseif (strlen($salt) == 32) { // old-style md5 without salt - not used anymore + } elseif (strlen($salt) == 32) { + // old-style md5 without salt - not used anymore $correct = md5($password) == $salt; } if ($correct && substr($salt, 0, strlen($crypt_alg)) != $crypt_alg && intval($uid)) { // this password is stored in another format than we want it to be. // let's update it! - // we duplicate the query from the above set_password() function to have the extra safety of checking the old hash + // we duplicate the query from the above set_password() function to have the extra safety of checking + // the old hash DB::update(' UPDATE `User` SET `Passwort` = ? -- cgit v1.2.3-54-g00ecf