Ticket #1928: phpBB-pass_arrayhash.diff
File phpBB-pass_arrayhash.diff, 1.0 KB (added by , 12 years ago) |
---|
-
phpBB.php
class phpBB extends BBP_Converter_Base { 435 435 * @return bool Returns true if the password is correct, false if not. 436 436 */ 437 437 public function authenticate_pass($password, $serialized_pass) { 438 $password = md5($password); 438 439 $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; 439 440 $pass_array = unserialize($serialized_pass); 440 if (strlen($pass_array ['hash']) == 34) {441 return ($this->_hash_crypt_private($password, $pass_array ['hash'], $itoa64) === $pass_array['hash']) ? true : false;441 if (strlen($pass_arrayhash?) == 34) { 442 return ($this->_hash_crypt_private($password, $pass_arrayhash?, $itoa64) === $pass_arrayhash?) ? true : false; 442 443 } 443 444 444 return (md5($password) === $pass_array ['hash']) ? true : false;445 return (md5($password) === $pass_arrayhash?) ? true : false; 445 446 } 446 447 447 448 /**