
Increase password hash strength

pull/22/merge
Mark Hoschek 11 years ago
parent
commit
51ec50b0d0
5 changed files with 6 additions and 6 deletions
  1. +1
    -1
      cms/config/sql/mysql.initial.sql
  2. +1
    -1
      cms/config/sql/postgresql.initial.sql
  3. BIN
      cms/data/content.sqlite
  4. BIN
      cms/data/userdata.sqlite
  5. +4
    -4
      cms/includes/functions.admin.inc.php

+ 1
- 1
cms/config/sql/mysql.initial.sql

@ -263,4 +263,4 @@ INSERT INTO phpsqlitecms_settings (name, value) VALUES ('admin_language', 'engli
INSERT INTO phpsqlitecms_settings (name, value) VALUES ('default_page_language', 'english');
INSERT INTO phpsqlitecms_settings (name, value) VALUES ('caching', '0');
INSERT INTO phpsqlitecms_settings (name, value) VALUES ('wysiwyg_editor', '0');
INSERT INTO phpsqlitecms_userdata (name, type, pw, last_login, wysiwyg) VALUES('admin', 1, '75470d05abd21fb5e84e735d2bc595e2f7ecc5c7a5e98ad0d7', 1230764400, 0);
INSERT INTO phpsqlitecms_userdata (name, type, pw, last_login, wysiwyg) VALUES('admin', 1, '$6$rounds=5000$56748f4e35e993f6$nW05WLxf2aJGdiALJktlCvzrAXdxlvMLhRUmNAw1W42tqVLXoS0AGRrM41.sSRp3PrYpg4qsjOHGN22jKzPxA0', 1230764400, 0);
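Review bot: The seeded `admin` row at the end of this hunk still ships one fixed hash and salt (`$6$rounds=5000$56748f4e35e993f6$…`) to every installation, and cms/config/sql/postgresql.initial.sql carries the identical row. A stronger hash format therefore does not change the fact that all fresh installs start with the same default administrator credential. The setup path should either have the installer set this password or force a change at first login. Until then a comment above the row would make the expectation explicit, for example `-- default admin account: the password must be changed immediately after installation`.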

+ 1
- 1
cms/config/sql/postgresql.initial.sql

@ -260,4 +260,4 @@ INSERT INTO phpsqlitecms_settings (name, value) VALUES ('default_page_language',
INSERT INTO phpsqlitecms_settings (name, value) VALUES ('caching', '0');
INSERT INTO phpsqlitecms_settings (name, value) VALUES ('wysiwyg_editor', '0');
INSERT INTO phpsqlitecms_userdata (name, type, pw, last_login, wysiwyg) VALUES('admin', 1, '75470d05abd21fb5e84e735d2bc595e2f7ecc5c7a5e98ad0d7', 1230764400, 0);
INSERT INTO phpsqlitecms_userdata (name, type, pw, last_login, wysiwyg) VALUES('admin', 1, '$6$rounds=5000$56748f4e35e993f6$nW05WLxf2aJGdiALJktlCvzrAXdxlvMLhRUmNAw1W42tqVLXoS0AGRrM41.sSRp3PrYpg4qsjOHGN22jKzPxA0', 1230764400, 0);

BIN
cms/data/content.sqlite


BIN
cms/data/userdata.sqlite


+ 4
- 4
cms/includes/functions.admin.inc.php

@ -7,10 +7,9 @@
*/
function generate_pw_hash($pw)
{
$salt = random_string(10,'0123456789abcdef');
$salted_hash = sha1($pw.$salt);
$hash_with_salt = $salted_hash.$salt;
return $hash_with_salt;
$salt = bin2hex(openssl_random_pseudo_bytes(22));
$hash = crypt($pw, '$6$rounds=5000$'.$salt.'$');
return $hash;
}
/**
@ -29,6 +28,7 @@ function is_pw_correct($pw,$hash)
if(sha1($pw.$salt)==$salted_hash) return true;
else return false;
}
elseif(crypt($pw, $hash) == $hash) return true;
else return false;
}
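Review bot: In generate_pw_hash the result of `openssl_random_pseudo_bytes(22)` is used unchecked, so on PHP versions where the call returns false the salt would most likely become an empty string and every new hash would share it. The call should pass the second `$crypto_strong` argument and stop when the bytes are missing or not strong, e.g. `$raw = openssl_random_pseudo_bytes(8, $strong);` followed by `if($raw === false || !$strong) trigger_error('no secure random source', E_USER_ERROR);`. SHA-512 crypt keeps at most 16 salt characters, so 8 bytes (16 hex characters) is all that survives of the 44 generated here, which matches the 16-character salt visible in the seeded SQL hashes. `rounds=5000` is the scheme's default cost, so the work factor is no higher than plain `$6$`; a comment stating the intended cost, or a larger value read from a setting, would make the strength increase deliberate.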

