aboutsummaryrefslogtreecommitdiffstats
path: root/editusers.cgi
diff options
context:
space:
mode:
authorterry%mozilla.org <>2000-01-18 22:40:18 +0000
committerterry%mozilla.org <>2000-01-18 22:40:18 +0000
commitca8760339069c50ccbdcf3d92e416f7d1522adf8 (patch)
treee2386af360bc276ba659635b80075da04dd24ed4 /editusers.cgi
parente908456f366483dcc915bafc7036733310ebc6e5 (diff)
downloadbugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar
bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar.gz
bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar.bz2
bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar.xz
bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.zip
Stop ever using perl's crypt() function; only use mysql's. (Using
both was causing corruption on about 1 in 40 passwords.)
Diffstat (limited to 'editusers.cgi')
-rwxr-xr-xeditusers.cgi10
1 files changed, 1 insertions, 9 deletions
diff --git a/editusers.cgi b/editusers.cgi
index ccb108e79..5b5d7e526 100755
--- a/editusers.cgi
+++ b/editusers.cgi
@@ -277,21 +277,13 @@ if ($action eq 'new') {
}
- sub x {
- my $sc="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./";
- return substr($sc, int (rand () * 100000) % (length ($sc) + 1), 1);
- }
-
- my $salt = x() . x();
- my $cryptpassword = crypt($password, $salt);
-
# Add the new user
SendSQL("INSERT INTO profiles ( " .
"login_name, password, cryptpassword, realname, groupset" .
" ) VALUES ( " .
SqlQuote($user) . "," .
SqlQuote($password) . "," .
- SqlQuote($cryptpassword) . "," .
+ "encrypt(" . SqlQuote($password) . ")," .
SqlQuote($realname) . "," .
$bits . ")" );