diff options
Diffstat (limited to 'phpBB/phpbb')
| -rw-r--r-- | phpBB/phpbb/auth/provider/db.php | 2 | ||||
| -rw-r--r-- | phpBB/phpbb/passwords/manager.php | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/phpBB/phpbb/auth/provider/db.php b/phpBB/phpbb/auth/provider/db.php index de07a84cf5..aa597c8e9f 100644 --- a/phpBB/phpbb/auth/provider/db.php +++ b/phpBB/phpbb/auth/provider/db.php @@ -245,7 +245,7 @@ class db extends \phpbb\auth\provider\base if (!$row['user_pass_convert'] && $this->passwords_manager->check($password, $row['user_password'])) { // Check for old password hash... - if (strlen($row['user_password']) == 32) + if ($this->passwords_manager->convert_flag || strlen($row['user_password']) == 32) { $hash = $this->passwords_manager->hash($password); diff --git a/phpBB/phpbb/passwords/manager.php b/phpBB/phpbb/passwords/manager.php index dde81a9818..0c9eb4f067 100644 --- a/phpBB/phpbb/passwords/manager.php +++ b/phpBB/phpbb/passwords/manager.php @@ -243,7 +243,9 @@ class manager // Multiple hash passes needed if (is_array($stored_hash_type)) { - return $this->helper->check_combined_hash($password, $stored_hash_type, $hash); + $correct = $this->helper->check_combined_hash($password, $stored_hash_type, $hash); + $this->convert_flag = ($correct === true) ? true : false; + return $correct; } if ($stored_hash_type->get_name() !== $this->type) |