New experimental login hashing
This commit is contained in:
@@ -516,7 +516,7 @@ if ( (int)$serendipity['GET']['step'] == 0 ) {
|
||||
echo ' <strong>' . DONE . '</strong><br />';
|
||||
|
||||
echo sprintf(CREATING_PRIMARY_AUTHOR, htmlspecialchars($_POST['user'])) .'...';
|
||||
$authorid = serendipity_addAuthor($_POST['user'], $_POST['pass'], $_POST['realname'], $_POST['email'], USERLEVEL_ADMIN);
|
||||
$authorid = serendipity_addAuthor($_POST['user'], $_POST['pass'], $_POST['realname'], $_POST['email'], USERLEVEL_ADMIN, 1);
|
||||
$mail_comments = (serendipity_db_bool($_POST['want_mail']) ? 1 : 0);
|
||||
serendipity_set_user_var('mail_comments', $mail_comments, $authorid);
|
||||
serendipity_set_user_var('mail_trackbacks', $mail_comments, $authorid);
|
||||
|
||||
@@ -19,7 +19,7 @@ if ($serendipity['GET']['adminAction'] == 'save' && serendipity_checkFormToken()
|
||||
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>';
|
||||
} elseif (empty($_POST['username'])) {
|
||||
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_USERNAME_ERROR . '</div>';
|
||||
} elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && md5($_POST['check_password']) != $_SESSION['serendipityPassword']) {
|
||||
} elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && serendipity_passwordhash($_POST['check_password']) != $_SESSION['serendipityPassword']) {
|
||||
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_PASSWORD_ERROR . '</div>';
|
||||
} else {
|
||||
$valid_groups = serendipity_getGroups($serendipity['authorid'], true);
|
||||
|
||||
@@ -39,7 +39,7 @@ if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) {
|
||||
if (($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && $_POST['userlevel'] >= $serendipity['serendipityUserlevel']) || !serendipity_checkPermission('adminUsersCreateNew')) {
|
||||
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED . '</div>';
|
||||
} else {
|
||||
$serendipity['POST']['user'] = serendipity_addAuthor($_POST['username'], $_POST['pass'], $_POST['realname'], $_POST['email'], $_POST['userlevel']);
|
||||
$serendipity['POST']['user'] = serendipity_addAuthor($_POST['username'], $_POST['pass'], $_POST['realname'], $_POST['email'], $_POST['userlevel'], 1);
|
||||
|
||||
$valid_groups = serendipity_getGroups($serendipity['authorid'], true);
|
||||
/* Save all the properties */
|
||||
|
||||
Reference in New Issue
Block a user