diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2013-10-13 16:32:37 +0200 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2013-10-13 16:32:37 +0200 |
| commit | 61f60d395a5f16105a18790f2f73eddcd830e475 (patch) | |
| tree | a0a39ca19423eeae3ed6d4fe15e9f5023946685f /phpBB/includes/ucp/ucp_remind.php | |
| parent | e674313559c0aa4705923fd79312ef14117abb9b (diff) | |
| download | forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar.gz forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar.bz2 forums-61f60d395a5f16105a18790f2f73eddcd830e475.tar.xz forums-61f60d395a5f16105a18790f2f73eddcd830e475.zip | |
[feature/passwords] Use passwords manager service instead of functions
The old functions phpbb_hash() and phpbb_check_hash() have been replaced with
the passwords manager service in all front-end related files. The phpBB2
converter and the release_3_0_5_rc1 migration file have not been changed.
The same applies to the security/hash_test that still tests the function
phpbb_check_hash(). This will however make sure that the old function
still works.
PHPBB3-11610
Diffstat (limited to 'phpBB/includes/ucp/ucp_remind.php')
| -rw-r--r-- | phpBB/includes/ucp/ucp_remind.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/phpBB/includes/ucp/ucp_remind.php b/phpBB/includes/ucp/ucp_remind.php index b3def63896..44395abb44 100644 --- a/phpBB/includes/ucp/ucp_remind.php +++ b/phpBB/includes/ucp/ucp_remind.php @@ -27,7 +27,7 @@ class ucp_remind function main($id, $mode) { global $config, $phpbb_root_path, $phpEx; - global $db, $user, $auth, $template; + global $db, $user, $auth, $template, $phpbb_container;; if (!$config['allow_password_reset']) { @@ -88,8 +88,11 @@ class ucp_remind // For the activation key a random length between 6 and 10 will do. $user_actkey = gen_rand_string(mt_rand(6, 10)); + // Instantiate passwords manager + $passwords_manager = $phpbb_container->get('passwords.manager'); + $sql = 'UPDATE ' . USERS_TABLE . " - SET user_newpasswd = '" . $db->sql_escape(phpbb_hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' + SET user_newpasswd = '" . $db->sql_escape($passwords_manager->hash($user_password)) . "', user_actkey = '" . $db->sql_escape($user_actkey) . "' WHERE user_id = " . $user_row['user_id']; $db->sql_query($sql); |