aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/phpbb/passwords
diff options
context:
space:
mode:
Diffstat (limited to 'phpBB/phpbb/passwords')
-rw-r--r--phpBB/phpbb/passwords/driver/salted_md5.php16
1 files changed, 8 insertions, 8 deletions
diff --git a/phpBB/phpbb/passwords/driver/salted_md5.php b/phpBB/phpbb/passwords/driver/salted_md5.php
index 23ae25c0c9..c44da540a6 100644
--- a/phpBB/phpbb/passwords/driver/salted_md5.php
+++ b/phpBB/phpbb/passwords/driver/salted_md5.php
@@ -41,7 +41,13 @@ class salted_md5 extends \phpbb\passwords\driver\base
{
if (($settings = $this->get_hash_settings($setting)) === false)
{
- return false;
+ // Return md5 of password if settings do not
+ // comply with our standards. This will only
+ // happen if pre-determined settings are
+ // directly passed to the driver. The manager
+ // will not do this. Same as the old hashing
+ // implementatio in phpBB 3.0
+ return md5($password);
}
}
else
@@ -59,13 +65,7 @@ class salted_md5 extends \phpbb\passwords\driver\base
$output = $settings['full'];
$output .= $this->helper->hash_encode64($hash, 16);
- if (strlen($output) == 34)
- {
- return $output;
- }
-
- // Should we really just return the md5 of the password? O.o
- return md5($password);
+ return $output;
}
/**