xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 00:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: MD5 passwords exchanged for bcrypt ones

Browse Source
This commit is contained in:
Martin Ambrus
2017-10-20 12:31:27 +02:00
parent 606d0a6ad2
commit f4021d1452
15 changed files with 219 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Templates/Build/26.tpl
+1 -1
View File
@@ -9,7 +9,7 @@ if($_POST AND $_GET['action'] == 'change_capital') {
$pass = mysqli_escape_string($GLOBALS['link'],$_POST['pass']);
$query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . (int) $session->uid);
$data = mysqli_fetch_assoc($query);
if($data['password'] == md5($pass)) {
if(password_verify($pass, $data['password'])) {
$query1 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' .(int) $session->uid . ' AND `capital` = 1');
$data1 = mysqli_fetch_assoc($query1);
$query2 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'fdata` WHERE `vref` = ' . (int) $data1['wref']);