Changeset 1002 in ExiteCMS


Ignore:
Timestamp:
10/23/07 20:56:01 (4 years ago)
Author:
hverton
Message:

Fixed wrong password hashing after a password reset by an administrator

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/administration/members.php

    r954 r1002  
    6565         
    6666        if ($error == "") { 
    67             $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_md5id, user_fullname, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES ('$username', '".md5(strtolower($username.$password1))."', '$fullname', md5(md5('$password1')), '$email', '$hide_email', '', '0000-00-00', '', '', '', '', '', 'Default', '0', '', '', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '0')"); 
     67            $result = dbquery("INSERT INTO ".$db_prefix."users (user_name, user_md5id, user_fullname, user_password, user_email, user_hide_email, user_location, user_birthdate, user_aim, user_icq, user_msn, user_yahoo, user_web, user_theme, user_offset, user_avatar, user_sig, user_posts, user_joined, user_lastvisit, user_ip, user_rights, user_groups, user_level, user_status) VALUES ('$username', '".md5(strtolower($username.$password1))."', '$fullname', '".md5(md5('$password1'))."', '$email', '$hide_email', '', '0000-00-00', '', '', '', '', '', 'Default', '0', '', '', '0', '".time()."', '0', '".USER_IP."', '', '', '101', '0')"); 
    6868        } 
    6969        $variables['message'] = $error; 
Note: See TracChangeset for help on using the changeset viewer.