You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When trying to find a way to add admins by letting them set their password I rummaged around the code and data a bit, and currently the admin passwords are non-salted SHA-1 hashes...
Maybe a more secure way should be implemented?
The text was updated successfully, but these errors were encountered:
At the current time, I'm not good enough with PHP to work that into mumpi, in a backwards or upgradeable fashion. Instead I'll leave a piece here:
function randString($strLen = 64, $seed = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()')
{
$seed = str_split($seed); //Turn the seed into an array
shuffle($seed); //shuffle it (probably redundant)
foreach(array_rand($seed, $strLen) as $key) //return strlen ammount of random indexes in the array seed, and pass them as keys into the foreach.
{
$randString .= $seed[$key]; //append the random character to the string
}
return $randString;
}
That's the function I would use to generate a salt
When trying to find a way to add admins by letting them set their password I rummaged around the code and data a bit, and currently the admin passwords are non-salted SHA-1 hashes...
Maybe a more secure way should be implemented?
The text was updated successfully, but these errors were encountered: