extern/egroupware_official
1
0
Fork 0
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-11 00:18:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix smd5 password comparison for sql

Browse Source
This commit is contained in:
Miles Lott 2004-02-05 02:01:39 +00:00
parent 85495afde2
commit dfa356e0c6
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
phpgwapi/inc/class.auth.inc.php
View File

@ -216,10 +216,13 @@
{ {
/* Start with the first char after {SMD5} */ /* Start with the first char after {SMD5} */
$hash = base64_decode(substr($db_val,6)); $hash = base64_decode(substr($db_val,6));
$new_hash = mhash(MHASH_MD5,$form_val); $orig_hash = substr($hash, 0, 16);
$salt = substr($hash, 16);
$new_hash = mhash(MHASH_MD5,$form_val . $salt);
//echo '<br> DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash); //echo '<br> DB: ' . base64_encode($orig_hash) . '<br>FORM: ' . base64_encode($new_hash);
if(strcmp($hash,$new_hash) == 0) if(strcmp($orig_hash,$new_hash) == 0)
{ {
return True; return True;
} }