summaryrefslogtreecommitdiffabout
path: root/frontend/changepassword.php
authorWojciech Polak <polak@gnu.org>2014-04-22 22:14:58 (GMT)
committer Wojciech Polak <polak@gnu.org>2014-04-23 22:15:50 (GMT)
commita6d9d0ac8558575f3dae6500a939302ec9419be8 (patch) (side-by-side diff)
treee41d26dd72af60d2806d355c00ae1767bd272392 /frontend/changepassword.php
parent4bfca38dd3eaf92a868390ac51ff85b54a6c2c90 (diff)
downloadcheetah-a6d9d0ac8558575f3dae6500a939302ec9419be8.tar.gz
cheetah-a6d9d0ac8558575f3dae6500a939302ec9419be8.tar.bz2
Rewrite ancient password handling. Move to PBKDF2.
Diffstat (limited to 'frontend/changepassword.php') (more/less context) (ignore whitespace changes)
-rw-r--r--frontend/changepassword.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/frontend/changepassword.php b/frontend/changepassword.php
index 69ebfb2..bb726ce 100644
--- a/frontend/changepassword.php
+++ b/frontend/changepassword.php
@@ -4,7 +4,7 @@
/*
Cheetah News changepassword.php
- Copyright (C) 2005, 2006, 2010 Wojciech Polak.
+ Copyright (C) 2005, 2006, 2010, 2014 Wojciech Polak.
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
@@ -105,7 +105,7 @@ else if (!empty ($hash))
$validPass = false;
if ($validPassLen && $validPass) {
- $db->query ("UPDATE user SET pass='".md5 ($pass).
+ $db->query ("UPDATE user SET pass='".make_password ($pass).
"', failogCount=0 WHERE email='".$email."'");
$db->query ("DELETE FROM forgotpassword WHERE email='".$email."'");
$message = _('Your password has been successfully changed.');

Return to:

Send suggestions and report system problems to the System administrator.