summaryrefslogtreecommitdiffstats
path: root/web/lib/acctfuncs.inc
diff options
context:
space:
mode:
Diffstat (limited to 'web/lib/acctfuncs.inc')
-rw-r--r--web/lib/acctfuncs.inc58
1 files changed, 38 insertions, 20 deletions
diff --git a/web/lib/acctfuncs.inc b/web/lib/acctfuncs.inc
index 91b6249a..9c172bbb 100644
--- a/web/lib/acctfuncs.inc
+++ b/web/lib/acctfuncs.inc
@@ -265,17 +265,14 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
} else {
if ($TYPE == "new") {
# no errors, go ahead and create the unprivileged user
-
- # md5hash the password
- $P = md5($P);
- $q = "INSERT INTO Users (AccountTypeID, Suspended, Username, Email, ";
- $q.= "Passwd, RealName, LangPreference, IRCNick, NewPkgNotify) ";
- $q.= "VALUES (1, 0, '".mysql_real_escape_string($U)."'";
- $q.= ", '".mysql_real_escape_string($E)."'";
- $q.= ", '".mysql_real_escape_string($P)."'";
- $q.= ", '".mysql_real_escape_string($R)."'";
- $q.= ", '".mysql_real_escape_string($L)."'";
- $q.= ", '".mysql_real_escape_string($I)."'";
+ $salt = generate_salt();
+ $P = salted_hash($P, $salt);
+ $escaped = array_map(mysql_real_escape_string,
+ array($U, $E, $P, $salt, $R, $L, $I));
+ $q = "INSERT INTO Users (" .
+ "AccountTypeID, Suspended, Username, Email, Passwd, Salt" .
+ ", RealName, LangPreference, IRCNick, NewPkgNotify) " .
+ "VALUES (1, 0, '" . implode("', '", $escaped) . "'";
if ($N) {
$q.= ", 1)";
} else {
@@ -298,7 +295,6 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
} else {
# no errors, go ahead and modify the user account
- # md5 hash the password
$q = "UPDATE Users SET ";
$q.= "Username = '".mysql_real_escape_string($U)."'";
if ($T) {
@@ -311,7 +307,9 @@ function process_account_form($UTYPE,$TYPE,$A,$U="",$T="",$S="",$E="",
}
$q.= ", Email = '".mysql_real_escape_string($E)."'";
if ($P) {
- $q.= ", Passwd = '".mysql_real_escape_string(md5($P))."'";
+ $salt = generate_salt();
+ $hash = salted_hash($P, $salt);
+ $q .= ", Passwd = '$hash', Salt = '$salt'";
}
$q.= ", RealName = '".mysql_real_escape_string($R)."'";
$q.= ", LangPreference = '".mysql_real_escape_string($L)."'";
@@ -738,14 +736,34 @@ function valid_passwd( $userID, $passwd )
{
if ( strlen($passwd) > 0 ) {
$dbh = db_connect();
- $q = "SELECT ID FROM Users".
- " WHERE ID = '$userID'" .
- " AND Passwd = '" . md5($passwd) . "'";
- $result = mysql_fetch_row(db_query($q, $dbh));
- if ($result[0]) {
- # Is it the right password?
- return true;
+ # get salt for this user
+ $salt = get_salt($userID);
+ if ($salt) {
+ # use salt
+ $passwd_q = "SELECT ID FROM Users" .
+ " WHERE ID = '$userID' AND Passwd = '" .
+ salted_hash($passwd, $salt) . "'";
+ $passwd_result = mysql_fetch_row(db_query($passwd_q, $dbh));
+ if ($passwd_result[0]) {
+ return true;
+ }
+ } else {
+ # check without salt
+ $nosalt_q = "SELECT ID FROM Users".
+ " WHERE ID = '$userID'" .
+ " AND Passwd = '" . md5($passwd) . "'";
+ $nosalt_result = mysql_fetch_row(db_query($nosalt_q, $dbh));
+ if ($nosalt_result[0]) {
+ # password correct, but salt it first
+ if (!save_salt($userID, $passwd)) {
+ trigger_error("Unable to salt user's password;" .
+ " ID $userID", E_USER_WARNING);
+ return false;
+ }
+
+ return true;
+ }
}
}
return false;