From: <ser...@us...> - 2014-08-19 13:53:20
|
Revision: 6834 http://sourceforge.net/p/web-erp/reponame/6834 Author: serakfalcon Date: 2014-08-19 13:53:15 +0000 (Tue, 19 Aug 2014) Log Message: ----------- Update installer to use new password hash function, remove $CryptFunction global from installer. Modified Paths: -------------- trunk/install/index.php Modified: trunk/install/index.php ===================================================================
--- trunk/install/index.php 2014-08-19 11:53:15 UTC (rev 6833)
+++ trunk/install/index.php 2014-08-19 13:53:15 UTC (rev 6834)
@@ -372,7 +372,6 @@
 }
 $msg .= "\$SessionLifeTime = 3600;\n";
 $msg .= "\$MaximumExecutionTime = 120;\n";
- $msg .= "\$CryptFunction = 'sha1';\n";
 $msg .= "\$DefaultClock = 12;\n";
 $msg .= "\$RootPath = dirname(htmlspecialchars(\$_SERVER['PHP_SELF'],ENT_QUOTES,'UTF-8'));\n";
 $msg .= "if (isset(\$DirectoryLevelsDeep)){\n";
@@ -1252,6 +1251,17 @@
 }
+function CryptPass( $Password ) {
+ if (PHP_VERSION_ID < 50500) {
+ $salt = base64_encode(mcrypt_create_iv(22, MCRYPT_DEV_URANDOM));
+ $salt = str_replace('+', '.', $salt);
+ $hash = crypt($Password, '$2y$10$'.$salt.'$');
+ } else {
+ $hash = password_hash($Password,PASSWORD_DEFAULT);
+ }
+ return $hash;
+ }
+
 //@para $db the database connection
 //@para $DatabaseName the database to update
 //@para $DBConnectType if it is mysql extention or not
@@ -1267,7 +1277,7 @@
 $Result = (!$MysqlExt) ? mysqli_select_db($db,$DatabaseName):mysql_select_db($DatabaseName,$db);
 $sql = "UPDATE www_users
- SET password = '".sha1($AdminPasswd)."',
+ SET password = '".CryptPass($AdminPasswd)."',
 email = '".$AdminEmail."',
 language = '".$AdminLanguage."'
 WHERE userid = 'admin'"; |
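Review bot: CryptPass() returns whatever crypt() or password_hash() hands back without checking it, so a failure value can end up stored as the admin password. On the PHP < 5.5 branch crypt() returns a short error token such as `*0` when the `$2y$` prefix is not supported (PHP before 5.3.7), nothing in the hunk confirms the mcrypt extension is loaded before mcrypt_create_iv() is called, and password_hash() can return false. A guard before the return, for example `if (!is_string($hash) || strlen($hash) < 60) { return false; }`, with the caller aborting the install on false, would keep an unusable hash out of the database. The function also has no doc comment; one stating that it takes the plaintext password and returns a bcrypt string (or false on failure) would match the `//@para` style used just below it.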
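Review bot: The value written to `www_users.password` changes here from a 40-character SHA-1 hex digest to a 60-character bcrypt string, and nothing in this diff shows the column being widened or the login check moving to `password_verify()` (or a `crypt()` comparison on PHP < 5.5). If either is missing, the hash is truncated or never matches and the admin account created by the installer cannot log in, so both should be confirmed before this ships. A comment above the statement such as `// bcrypt hash from CryptPass(); password column must hold at least 60 chars` would record the requirement. The statement also still concatenates `$AdminEmail` and `$AdminLanguage` into the SQL; whether they are escaped earlier is not visible, because the enclosing function starts and ends outside the hunk.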