diff options
Diffstat (limited to 'web/lib/aur.inc')
-rw-r--r-- | web/lib/aur.inc | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/web/lib/aur.inc b/web/lib/aur.inc index e0521abc..8ccce897 100644 --- a/web/lib/aur.inc +++ b/web/lib/aur.inc @@ -455,3 +455,34 @@ function mkurl($append) { return substr($out, 5); } + +function get_salt($user_id) +{ + $dbh = db_connect(); + $salt_q = "SELECT Salt FROM Users WHERE ID = '$user_id'"; + $salt_result = mysql_fetch_row(db_query($salt_q, $dbh)); + return $salt_result[0]; +} + +function save_salt($user_id, $passwd) +{ + $dbh = db_connect(); + $salt = generate_salt(); + $hash = salted_hash($passwd, $salt); + $salting_q = "UPDATE Users SET Salt = '$salt'" . + ", Passwd = '$hash' WHERE ID = '$user_id'"; + return db_query($salting_q, $dbh); +} + +function generate_salt() +{ + return md5(uniqid(rand(), true)); +} + +function salted_hash($passwd, $salt) +{ + if (strlen($salt) != 32) { + trigger_error('Salt does not look like an md5 hash', E_USER_WARNING); + } + return md5($salt . $passwd); +} |