dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

When the user is updated increase the salt length and remove special characters that can cause problems.

This commit is contained in:
Mark Crane 2015-02-10 20:54:03 +00:00
parent 5a4b509206
commit 22fcdc5f5a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/users/usersupdate.php
View File

@ -286,7 +286,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
}
if (strlen($password) > 0 && $confirm_password == $password) {
//salt used with the password to create a one way hash
$salt = generate_password('20', '4');
$salt = uuid();
//set the password
$sql .= "password = '".md5($salt.$password)."', ";
$sql .= "salt = '".$salt."', ";