Ticket #1380: ampusers-sha256.patch

File ampusers-sha256.patch, 1.3 kB (added by pvanstam, 11 months ago)

Patch file for modifying ampusers table to encrypt password with SHA256

  • admin/header_auth.php

    old new  
    2222                                // not logged in, and have provided a user/pass 
    2323                                $_SESSION['AMP_user'] = new ampuser($_SERVER['PHP_AUTH_USER']); 
    2424                                 
    25                                 if (!$_SESSION['AMP_user']->checkPassword($_SERVER['PHP_AUTH_PW'])) { 
     25                                if (!$_SESSION['AMP_user']->checkPassword(hash("sha256", $_SERVER['PHP_AUTH_PW']))) { 
    2626                                        // failed, one last chance -- fallback to amportal.conf db admin user 
    2727                                        if ( (count(getAmpAdminUsers()) == 0) && ($_SERVER['PHP_AUTH_USER'] == $amp_conf['AMPDBUSER'])  
    2828                                          && ($_SERVER['PHP_AUTH_PW'] == $amp_conf['AMPDBPASS'])) { 
Donate



Support
Download
Develop
Forums
News
Documentation
Paid Support
About

Paid Ads