WebSVN - taios - Path Comparison - / Rev 501 and / Rev 503

Ignore whitespace Rev 501 → Rev 503

 /_taios.php
 ,7 → 472,7
     }
     function saltAndBurn($pass, $salt) {
-        return sha1($salt + $pass);
+        return sha1($salt . $pass);
     }
     function getGetID() {

 /admin/account-do.php
 ,6 → 11,7
 $password = $_POST['password'];
 $email = $_POST['email'];
 $name = $_POST['name'];
+$salt = $name + "sheeps";
 $user = $page->getUserByID($userID);
 if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) {
 ,7 → 20,7
     }
     if (!empty($password)) {
-        $page->query("UPDATE Users SET Password = ? WHERE ID = ?", array(sha1($password), $userID));
+        $page->query("UPDATE Users SET Password = ? WHERE ID = ?", array($page->saltAndBurn($password, $salt), $userID));
     }
     if (!empty($email)) {

 /admin/all-accounts.php
 ,7 → 17,7
     write('<td class="bold">ID</td>');
     write('<td class="bold">AccessID</td>');
     write('<td class="bold">Username</td>');
-    write('<td class="bold">SHA1 Password</td>');
+    write('<td class="bold">Salt and Burned Password</td>');
     write('<td class="bold">Name</td>');
     write('<td class="bold">Email Address</td>');
     write('<td class="bold">Challenge ID</td>');