feat: MD5 passwords exchanged for bcrypt ones

This commit is contained in:
Martin Ambrus
2017-10-20 12:31:27 +02:00
parent 606d0a6ad2
commit f4021d1452
15 changed files with 219 additions and 78 deletions
+1 -1
View File
@@ -392,7 +392,7 @@
if($session->access != BANNED){
if(!isset($post['pw']) || $post['pw'] == "") {
$form->addError("pw1", PW_EMPTY);
} elseif(md5($post['pw']) !== $session->userinfo['password']) {
} elseif(!password_verify($post['pw'], $session->userinfo['password'])) {
$form->addError("pw2", PW_ERR);
} else {
$database->updateUserField($session->uid, 'alliance', 0, 1);