Beanz/flatpress
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

finally moved from simple md5 to salted wp_hash ; please remember to REINSTALL and OVERWRITE your old user in order to be able to login !

Browse Source
This commit is contained in:
real_nowhereman 2008-01-01 09:34:41 +00:00
parent 0154408499
commit 725a70f1d0
3 changed files with 8 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
fp-includes/core/core.users.php
View File

@ -32,7 +32,7 @@
} }
function user_pwd($userid, $pwd){ function user_pwd($userid, $pwd){
return md5($userid.$pwd); return wp_hash($userid.$pwd);
} }
@ -43,12 +43,6 @@
$loggedin = false; $loggedin = false;
$user = user_get($userid); $user = user_get($userid);
// $retval = 0;
/*
print_r($user);
print_r(user_pwd($userid,$pwd));
*/
if (user_pwd($userid,$pwd) == $user['password']){ if (user_pwd($userid,$pwd) == $user['password']){
@ -61,29 +55,6 @@
setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN); setcookie(USER_COOKIE, $userid, $expire, COOKIEPATH, COOKIE_DOMAIN);
setcookie(PASS_COOKIE, $user['password'], $expire, COOKIEPATH, COOKIE_DOMAIN); setcookie(PASS_COOKIE, $user['password'], $expire, COOKIEPATH, COOKIE_DOMAIN);
/*
$retval = 1;
sess_close();
sess_setup(60*60*24*7);
$retval = 1;
sess_add('userid', $userid);
// sess_add('userhash', $user['PWD']);
sess_add('loggedin', true);
sess_add('ip', $_SERVER['REMOTE_ADDR']);
sess_add('host', $_SERVER['SERVER_ADDR']);
sess_add('path', ABS_PATH);
$user = user_get($userid);
$user['LOGINTIME']=time();
system_save(USERS_DIR . $user['NAME'] . ".php", compact('user'));
*/
} }
return $loggedin; return $loggedin;
@ -97,16 +68,6 @@
setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); setcookie(USER_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN); setcookie(PASS_COOKIE, ' ', time() - 31536000, COOKIEPATH, COOKIE_DOMAIN);
/*
$user = user_get(sess_get('userid'));
unset($user['LOGINTIME']);
system_save(USERS_DIR . $user['NAME'] . ".php", compact('user'));
sess_close();
*/
} }
$loggedin = false; $loggedin = false;
@ -125,7 +86,6 @@
return $loggedin = false; return $loggedin = false;
} }
// print_r($_COOKIE);
$fp_user = user_get($_COOKIE[USER_COOKIE]); $fp_user = user_get($_COOKIE[USER_COOKIE]);
@ -135,26 +95,6 @@
return $fp_user; return $fp_user;
/*
//return true;
if (!$loggedin && sess_get('loggedin')) {
$user = user_get(sess_get('userid'));
// removed: sess_get('ip') == $_SERVER['REMOTE_ADDR'] &&
// quite stupid, as people usually will disconnect sooner or later :D
if (sess_get('host') == $_SERVER['SERVER_ADDR'] &&
sess_get('path') == ABS_PATH ) {
@sess_setup(60*60*24*7);
// may bug sometimes:
// session_regenerate_id();
$loggedin = true;
}
}
*/
return $loggedin;
} }

2
fp-includes/core/core.wp-pluggable-funcs.php
View File

@ -341,7 +341,7 @@ function wp_salt() {
global $fp_config; global $fp_config;
static $salt = null; static $salt = null;
if (!$salt) if (!$salt)
$salt = $fp_config['general']['blogid'] . $fp_config['general']['author'] . ABS_PATH . BLOG_BASEURL ; $salt = $fp_config['general']['blogid'] . ABS_PATH . BLOG_BASEURL ;
return $salt; return $salt;
} }
endif; endif;

2
setup/lib/main.lib.php
View File

@ -138,7 +138,6 @@ function validate() {
return false; return false;
} }
user_add($user);
$fp_config['general']['blogid'] = system_generate_id( $fp_config['general']['blogid'] = system_generate_id(
BLOG_ROOT. BLOG_ROOT.
@ -149,6 +148,7 @@ function validate() {
config_save(); config_save();
user_add($user);
return true; return true;
} }