archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

- simplify calculation of auto login key (no need to concatenate 2 hashes)

Browse source 
git-svn-id: http://piwigo.org/svn/trunk@11826 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
rvelices 2011-07-25 17:56:47 +00:00
parent 19f0fb73d9
commit 86bc4d1143
1 changed files with 2 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
include/functions_user.inc.php
View file

@ -1032,11 +1032,8 @@ WHERE '.$conf['user_fields']['id'].' = '.$user_id;
{
$row = pwg_db_fetch_assoc($result);
$username = stripslashes($row['username']);
$data = $time.stripslashes($row['username']).$row['password'];
$key = base64_encode(
pack('H*', sha1($data))
.hash_hmac('md5', $data, $conf['secret_key'],true)
);
$data = $time.$user_id.$username;
$key = base64_encode( hash_hmac('sha1', $data, $conf['secret_key'].$row['password'],true) );
return $key;
}
return false;