diff options
author | plegall <plg@piwigo.org> | 2012-11-02 13:59:07 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2012-11-02 13:59:07 +0000 |
commit | a73846717f5c884e0eef0b5591ff7ad374375a0b (patch) | |
tree | a8e52d992545558cbacacf50e704a332a80c9810 /password.php | |
parent | 805ce4bb02c9e3114c76841db75c23a59d17a3c4 (diff) |
feature 2727: improve password security with the use of PasswordHash class.
This class performs salt and multiple iterations. Already used in Wordpress,
Drupal, phpBB and many other web applications.
$conf['pass_convert'] is replaced by $conf['password_hash'] + $conf['password_verify']
git-svn-id: http://piwigo.org/svn/trunk@18889 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'password.php')
-rw-r--r-- | password.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/password.php b/password.php index 845a00a3d..cae85cec0 100644 --- a/password.php +++ b/password.php @@ -221,7 +221,7 @@ function reset_password() single_update( USERS_TABLE, - array($conf['user_fields']['password'] => $conf['pass_convert']($_POST['use_new_pwd'])), + array($conf['user_fields']['password'] => $conf['password_hash']($_POST['use_new_pwd'])), array($conf['user_fields']['id'] => $user_id) ); |