From b9db72e19861099f7369e4986821b5f4c1d75ec1 Mon Sep 17 00:00:00 2001
From: plegall <plg@piwigo.org>
Date: Wed, 6 Mar 2013 08:56:04 +0000
Subject: bug 2861: avoid "invalid password" with manual upgrade and admin
 session expired

git-svn-id: http://piwigo.org/svn/branches/2.5@21236 68402e56-0260-453c-a942-63ccdbb3a9ee
---
 include/functions_user.inc.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index d6250c582..4f92b7d3d 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -1154,8 +1154,13 @@ function pwg_password_verify($password, $hash, $user_id=null)
       $check = ($hash == md5($password));
     }
     
-    if ($check and isset($user_id) and !$conf['external_authentification'])
+    if ($check)
     {
+      if (!isset($user_id) or $conf['external_authentification'])
+      {
+        return true;
+      }
+      
       // Rehash using new hash.
       $hash = pwg_password_hash($password);
 
-- 
cgit v1.2.3