switch password and id in munge_password
I think this is the less effective way to salt a password, BUT... I had a big bug in my code! All the code that was calling this function got the order of the params mixed up. So, to save heartache, I just reversed the order of the parameters, and reversed how the were used in the function. It should be functionally the same as before, but better documented. darcs-hash:20080618211454-84dde-4772135cc92f2a51faa072e4470da3c628e1510c.gz
This commit is contained in:
parent
e47ba46634
commit
1d67f33b3b
@ -366,8 +366,8 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) {
|
|||||||
|
|
||||||
# salted, hashed passwords are stored in the DB
|
# salted, hashed passwords are stored in the DB
|
||||||
|
|
||||||
function common_munge_password($id, $password) {
|
function common_munge_password($password, $id) {
|
||||||
return md5($id . $password);
|
return md5($password . $id);
|
||||||
}
|
}
|
||||||
|
|
||||||
# check if a username exists and has matching password
|
# check if a username exists and has matching password
|
||||||
|
Loading…
Reference in New Issue
Block a user