dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

When the user is updated increase the salt length and remove special characters that can cause problems.

This commit is contained in:
Mark Crane 2015-02-10 20:54:03 +00:00
parent 1942c658bb
commit 8902d9f0fa
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/users/usersupdate.php
View File

@ -286,7 +286,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
}
if (strlen($password) > 0 && $confirm_password == $password) {
//salt used with the password to create a one way hash
$salt = generate_password('20', '4');
$salt = uuid();
//set the password
$sql .= "password = '".md5($salt.$password)."', ";
$sql .= "salt = '".$salt."', ";