Use phpass for password hashing

The current implementation sometimes failed to generate valid hashes (had something to do with the random salt). Signed-off-by: Florian Pritz <bluewind@xinu.at>
author: Florian Pritz <bluewind@xinu.at> 2012-04-11 13:55:09 +0200
committer: Florian Pritz <bluewind@xinu.at> 2012-04-11 13:55:09 +0200
commit: ba9c11dce576becf8669a11519d69322066444c4 (patch)
tree: 9584cd49735f8d83661418a02184bf329c57cc67 /application/models
parent: f9d2bd80b18cfec0d565eae678e18ca2f83d3dc0 (diff)
1 files changed, 5 insertions, 2 deletions
diff --git a/application/models/muser.php b/application/models/muser.php
index 10d67e18f..532fdeb1a 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -78,8 +78,11 @@ class Muser extends CI_Model {
 
 	function hash_password($password)
 	{
-		$salt = random_alphanum(22);
-		return crypt($password, "$2a$09$$salt$");
+
+		require_once APPPATH."third_party/PasswordHash.php";
+
+		$hasher = new PasswordHash(9, false);
+		return $hasher->HashPassword($password);
 	}
 
 }
author	Florian Pritz <bluewind@xinu.at>	2012-04-11 13:55:09 +0200
committer	Florian Pritz <bluewind@xinu.at>	2012-04-11 13:55:09 +0200
commit	ba9c11dce576becf8669a11519d69322066444c4 (patch)
tree	9584cd49735f8d83661418a02184bf329c57cc67 /application/models
parent	f9d2bd80b18cfec0d565eae678e18ca2f83d3dc0 (diff)