Changeset 18889 for trunk/password.php


Ignore:
Timestamp:
Nov 2, 2012, 2:59:07 PM (11 years ago)
Author:
plg
Message:

feature 2727: improve password security with the use of PasswordHash class.
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.

$confpass_convert is replaced by $confpassword_hash + $confpassword_verify

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/password.php

    r18700 r18889  
    222222  single_update(
    223223    USERS_TABLE,
    224     array($conf['user_fields']['password'] => $conf['pass_convert']($_POST['use_new_pwd'])),
     224    array($conf['user_fields']['password'] => $conf['password_hash']($_POST['use_new_pwd'])),
    225225    array($conf['user_fields']['id'] => $user_id)
    226226    );
Note: See TracChangeset for help on using the changeset viewer.