Skip to content

Commit 7dd6367

Browse files
author
Douglas Wagner
committed
Bug Fix: Fixes problem with phpBB3 bridge allowing login with ANY password.
1 parent 9415e32 commit 7dd6367

File tree

1 file changed

+5
-5
lines changed

1 file changed

+5
-5
lines changed

Diff for: auth/auth_phpbb3.php

+5-5
Original file line numberDiff line numberDiff line change
@@ -124,11 +124,12 @@ function password_check($oldpassword, $profile_id)
124124
$db_pass = $data_passchk[$db_user_password];
125125

126126
$initString = '$H$';
127-
$testVal = $pwd_hasher->CheckPassword($oldpassword, $db_pass);
127+
$testVal = $pwd_hasher->CheckPassword($oldpassword, $db_pass, $initString);
128+
128129
if ($testVal)
129-
return 0;
130+
return TRUE;
130131
else
131-
return 1;
132+
return FALSE;
132133
}
133134

134135
function phpraid_login()
@@ -162,7 +163,6 @@ function phpraid_login()
162163
);
163164

164165
$result = $db_raid->sql_query($sql) or print_error($sql, mysql_error(), 1);
165-
166166
//WRM database
167167
//$sql = sprintf("SELECT username, password FROM " . $phpraid_config['db_prefix'] . "profile WHERE username = %s",
168168
// quote_smart($username)
@@ -299,4 +299,4 @@ function phpraid_logout()
299299
}
300300
}
301301

302-
?>
302+
?>

0 commit comments

Comments
 (0)