diff options
Diffstat (limited to 'phpBB/phpbb/passwords')
| -rw-r--r-- | phpBB/phpbb/passwords/driver/salted_md5.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/phpBB/phpbb/passwords/driver/salted_md5.php b/phpBB/phpbb/passwords/driver/salted_md5.php index 23ae25c0c9..c44da540a6 100644 --- a/phpBB/phpbb/passwords/driver/salted_md5.php +++ b/phpBB/phpbb/passwords/driver/salted_md5.php @@ -41,7 +41,13 @@ class salted_md5 extends \phpbb\passwords\driver\base { if (($settings = $this->get_hash_settings($setting)) === false) { - return false; + // Return md5 of password if settings do not + // comply with our standards. This will only + // happen if pre-determined settings are + // directly passed to the driver. The manager + // will not do this. Same as the old hashing + // implementatio in phpBB 3.0 + return md5($password); } } else @@ -59,13 +65,7 @@ class salted_md5 extends \phpbb\passwords\driver\base $output = $settings['full']; $output .= $this->helper->hash_encode64($hash, 16); - if (strlen($output) == 34) - { - return $output; - } - - // Should we really just return the md5 of the password? O.o - return md5($password); + return $output; } /** |