aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2012-11-02 14:39:01 +0000
committerplegall <plg@piwigo.org>2012-11-02 14:39:01 +0000
commit26e0ed8fd646450b492ccc88985880eec16fdcb3 (patch)
treee639068ebd34607f40418733d14dcb17620e7562
parenta73846717f5c884e0eef0b5591ff7ad374375a0b (diff)
feature 2727: improved backward compatibility with ['pass_convert']
git-svn-id: http://piwigo.org/svn/trunk@18890 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
-rw-r--r--include/functions_user.inc.php13
1 files changed, 10 insertions, 3 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index 0ba720167..60bdcd459 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -1133,10 +1133,17 @@ function pwg_password_verify($password, $hash, $user_id=null)
{
global $conf, $pwg_hasher;
- // If the hash is still md5...
- if (strlen($hash) <= 32)
+ // If the password has not been hashed with the current algorithm.
+ if (strpos('$P', $hash) !== 0)
{
- $check = ($hash == md5($password));
+ if (!empty($conf['pass_convert']))
+ {
+ $check = ($hash == $conf['pass_convert']($password));
+ }
+ else
+ {
+ $check = ($hash == md5($password));
+ }
if ($check and isset($user_id) and !$conf['external_authentification'])
{