nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-01-22 00:18:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

When the user is updated increase the salt length and remove special characters that can cause problems.

Browse Source
This commit is contained in:
Mark Crane
2015-02-10 20:54:03 +00:00
parent 5a4b509206
commit 22fcdc5f5a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/users/usersupdate.php
View File

@@ -286,7 +286,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
}
if (strlen($password) > 0 && $confirm_password == $password) {
//salt used with the password to create a one way hash
$salt = generate_password('20', '4');
$salt = uuid();
//set the password
$sql .= "password = '".md5($salt.$password)."', ";
$sql .= "salt = '".$salt."', ";