Archived
1
0

New experimental login hashing

This commit is contained in:
Garvin Hicking
2009-02-16 11:29:49 +00:00
parent da686463f3
commit f541e5874d
11 changed files with 155 additions and 41 deletions
+1 -1
View File
@@ -516,7 +516,7 @@ if ( (int)$serendipity['GET']['step'] == 0 ) {
echo ' <strong>' . DONE . '</strong><br />';
echo sprintf(CREATING_PRIMARY_AUTHOR, htmlspecialchars($_POST['user'])) .'...';
$authorid = serendipity_addAuthor($_POST['user'], $_POST['pass'], $_POST['realname'], $_POST['email'], USERLEVEL_ADMIN);
$authorid = serendipity_addAuthor($_POST['user'], $_POST['pass'], $_POST['realname'], $_POST['email'], USERLEVEL_ADMIN, 1);
$mail_comments = (serendipity_db_bool($_POST['want_mail']) ? 1 : 0);
serendipity_set_user_var('mail_comments', $mail_comments, $authorid);
serendipity_set_user_var('mail_trackbacks', $mail_comments, $authorid);
+1 -1
View File
@@ -19,7 +19,7 @@ if ($serendipity['GET']['adminAction'] == 'save' && serendipity_checkFormToken()
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>';
} elseif (empty($_POST['username'])) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_USERNAME_ERROR . '</div>';
} elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && md5($_POST['check_password']) != $_SESSION['serendipityPassword']) {
} elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && serendipity_passwordhash($_POST['check_password']) != $_SESSION['serendipityPassword']) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_PASSWORD_ERROR . '</div>';
} else {
$valid_groups = serendipity_getGroups($serendipity['authorid'], true);
+1 -1
View File
@@ -39,7 +39,7 @@ if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) {
if (($serendipity['serendipityUserlevel'] < USERLEVEL_ADMIN && $_POST['userlevel'] >= $serendipity['serendipityUserlevel']) || !serendipity_checkPermission('adminUsersCreateNew')) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED . '</div>';
} else {
$serendipity['POST']['user'] = serendipity_addAuthor($_POST['username'], $_POST['pass'], $_POST['realname'], $_POST['email'], $_POST['userlevel']);
$serendipity['POST']['user'] = serendipity_addAuthor($_POST['username'], $_POST['pass'], $_POST['realname'], $_POST['email'], $_POST['userlevel'], 1);
$valid_groups = serendipity_getGroups($serendipity['authorid'], true);
/* Save all the properties */