Vergleich inc/datahandlers/login.php - 1.8.7 - 1.8.13

  Keine Änderungen   Hinzugefügt   Modifiziert   Entfernt
Zeile 163Zeile 163
		$plugins->run_hooks('datahandler_login_verify_password_start', $args);

$user = &$this->data;

		$plugins->run_hooks('datahandler_login_verify_password_start', $args);

$user = &$this->data;


$password = md5($user['password']);

 

if(!$this->login_data['uid'] || $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)
{


if(!$this->login_data['uid'] || $this->login_data['uid'] && !$this->login_data['salt'] && $strict == false)
{

Zeile 174Zeile 172
		if($strict == true)
{
if(!$this->login_data['salt'])

		if($strict == true)
{
if(!$this->login_data['salt'])

			{

			{

				// Generate a salt for this user and assume the password stored in db is a plain md5 password

				// Generate a salt for this user and assume the password stored in db is a plain md5 password

				$this->login_data['salt'] = generate_salt();
$this->login_data['password'] = salt_password($this->login_data['password'], $this->login_data['salt']);

$sql_array = array(
"salt" => $this->login_data['salt'],
"password" => $this->login_data['password']
);

$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
}


				$password_fields = create_password($this->login_data['password']);
$this->login_data = array_merge($this->login_data, $password_fields);
$db->update_query("users", $password_fields, "uid = '{$this->login_data['uid']}'");
}








			if(!$this->login_data['loginkey'])
{
$this->login_data['loginkey'] = generate_loginkey();

			if(!$this->login_data['loginkey'])
{
$this->login_data['loginkey'] = generate_loginkey();

Zeile 198Zeile 190
				$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
}
}

				$db->update_query("users", $sql_array, "uid = '{$this->login_data['uid']}'");
}
}


$salted_password = md5(md5($this->login_data['salt']).$password);

 

$plugins->run_hooks('datahandler_login_verify_password_end', $args);



$plugins->run_hooks('datahandler_login_verify_password_end', $args);


		if($salted_password !== $this->login_data['password'])

		if(!verify_user_password($this->login_data, $user['password']))

		{
$this->invalid_combination(true);
return false;

		{
$this->invalid_combination(true);
return false;

Zeile 256Zeile 246
		$user = &$this->data;

$options = array(

		$user = &$this->data;

$options = array(

			'fields' => array('uid', 'username', 'password', 'salt', 'loginkey', 'coppauser', 'usergroup', 'loginattempts'),

			'fields' => '*',

			'username_method' => (int)$settings['username_method']
);


			'username_method' => (int)$settings['username_method']
);