From ba9c11dce576becf8669a11519d69322066444c4 Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Wed, 11 Apr 2012 13:55:09 +0200 Subject: Use phpass for password hashing The current implementation sometimes failed to generate valid hashes (had something to do with the random salt). Signed-off-by: Florian Pritz --- application/models/muser.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'application/models') diff --git a/application/models/muser.php b/application/models/muser.php index 10d67e18f..532fdeb1a 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -78,8 +78,11 @@ class Muser extends CI_Model { function hash_password($password) { - $salt = random_alphanum(22); - return crypt($password, "$2a$09$$salt$"); + + require_once APPPATH."third_party/PasswordHash.php"; + + $hasher = new PasswordHash(9, false); + return $hasher->HashPassword($password); } } -- cgit v1.2.3-24-g4f1b