Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
feature 2727: improved backward compatibility with ['pass_convert']
git-svn-id: http://piwigo.org/svn/trunk@18890 68402e56-0260-453c-a942-63ccdbb3a9ee
  • Loading branch information
plegall committed Nov 2, 2012
1 parent a738467 commit 26e0ed8
Showing 1 changed file with 10 additions and 3 deletions.
13 changes: 10 additions & 3 deletions include/functions_user.inc.php
Expand Up @@ -1133,10 +1133,17 @@ function pwg_password_verify($password, $hash, $user_id=null)
{
global $conf, $pwg_hasher;

// If the hash is still md5...
if (strlen($hash) <= 32)
// If the password has not been hashed with the current algorithm.
if (strpos('$P', $hash) !== 0)
{
$check = ($hash == md5($password));
if (!empty($conf['pass_convert']))
{
$check = ($hash == $conf['pass_convert']($password));
}
else
{
$check = ($hash == md5($password));
}

if ($check and isset($user_id) and !$conf['external_authentification'])
{
Expand Down

0 comments on commit 26e0ed8

Please sign in to comment.