nsinnovations/fusionpbx
2
0
Fork 0
mirror of https://github.com/fusionpbx/fusionpbx.git synced 2026-02-21 18:36:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

When the user is updated increase the salt length and remove special characters that can cause problems.

Browse Source
This commit is contained in:
Mark Crane
2015-02-10 20:54:03 +00:00
parent 1942c658bb
commit 8902d9f0fa
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/users/usersupdate.php
View File

@@ -286,7 +286,7 @@ if (count($_POST) > 0 && $_POST["persistform"] != "1") {
}
if (strlen($password) > 0 && $confirm_password == $password) {
//salt used with the password to create a one way hash
$salt = generate_password('20', '4');
$salt = uuid();
//set the password
$sql .= "password = '".md5($salt.$password)."', ";
$sql .= "salt = '".$salt."', ";