Skip to content

Commit

Permalink
mybb#3530 Modern password hashing in installer
Browse files Browse the repository at this point in the history
  • Loading branch information
@JordanMussi
JordanMussi committed Jun 10, 2019
1 parent c59f30a commit 08ddefc
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions install/index.php
View file
Expand Up @@ -2220,6 +2220,11 @@ function install_done()
require MYBB_ROOT.'inc/settings.php';
$mybb->settings = &$settings;

require MYBB_ROOT.'inc/src/bootstrap.php';
MyBB\app('config')->set(
array_dot($config)
);

ob_start();
$output->print_header($lang->finish_setup, 'finish');

Expand Down Expand Up @@ -2266,14 +2271,11 @@ function install_done()

echo $lang->done_step_admincreated;
$now = TIME_NOW;
$salt = random_str();
$loginkey = generate_loginkey();
$saltedpw = md5(md5($salt).md5($mybb->get_input('adminpass')));
$passwordFields = create_password($mybb->get_input('adminpass'));

$newuser = array(
$newuser = $passwordFields + array(
'username' => $db->escape_string($mybb->get_input('adminuser')),
'password' => $saltedpw,
'salt' => $salt,
'loginkey' => $loginkey,
'email' => $db->escape_string($mybb->get_input('adminemail')),
'usergroup' => $admin_gid, // assigned above
Expand Down

0 comments on commit 08ddefc

Please sign in to comment.