Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 500 → Rev 507

/_taios.php
356,9 → 356,10
$user->accessID = $row['AccessID'];
$user->username = $row['Username'];
$user->password = $row['Password'];
$user->salt = $row['Salt'];
$user->emailAddress = $row['EmailAddress'];
$user->name = $row['Name'];
$user->csrftoken = $row['CSRFToken'];
$user->salt = $row['Salt'];
$user->challengeID = $row['ChallengeID'];
return $user;
472,7 → 473,7
}
 
function saltAndBurn($pass, $salt) {
return sha1($salt + $pass);
return sha1($salt . $pass);
}
 
function getGetID() {
503,6 → 504,8
public $password;
public $emailAddress;
public $name;
public $salt;
public $csrftoken;
 
public $challengeID;
}
/install.sql
12,6 → 12,7
EmailAddress TEXT,
Name TEXT,
Salt TEXT,
CSRFToken TEXT,
ChallengeID INT,
PRIMARY KEY(ID)
);
/admin/account-do.php
19,7 → 19,8
}
if (!empty($password)) {
$page->query("UPDATE Users SET Password = ? WHERE ID = ?", array(sha1($password), $userID));
$salt = $user->username . "sheeps";
$page->query("UPDATE Users SET Password = ?, Salt = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $salt, $userID));
}
if (!empty($email)) {
/admin/all-accounts.php
17,7 → 17,7
write('<td class="bold">ID</td>');
write('<td class="bold">AccessID</td>');
write('<td class="bold">Username</td>');
write('<td class="bold">SHA1 Password</td>');
write('<td class="bold">Salt and Burned Password</td>');
write('<td class="bold">Name</td>');
write('<td class="bold">Email Address</td>');
write('<td class="bold">Challenge ID</td>');
/register-do.php
42,7 → 42,7
$page->redirect('register.php?error=Incorrect reCAPTCHA response');
}
 
$salt = $username + "horses";
$salt = $username . "horses";
 
$args = array(2, $username, $page->saltAndBurn($password, $salt), $salt, $email, $name, 0);
$page->query("INSERT INTO Users (AccessID, Username, Password, Salt, EmailAddress, Name, ChallengeID) VALUES (?, ?, ?, ?, ?, ?, ?)", $args);