diff options
| author | terry%mozilla.org <> | 2000-01-18 22:40:18 +0000 |
|---|---|---|
| committer | terry%mozilla.org <> | 2000-01-18 22:40:18 +0000 |
| commit | ca8760339069c50ccbdcf3d92e416f7d1522adf8 (patch) | |
| tree | e2386af360bc276ba659635b80075da04dd24ed4 /editusers.cgi | |
| parent | e908456f366483dcc915bafc7036733310ebc6e5 (diff) | |
| download | bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar.gz bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar.bz2 bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.tar.xz bugs-ca8760339069c50ccbdcf3d92e416f7d1522adf8.zip | |
Stop ever using perl's crypt() function; only use mysql's. (Using
both was causing corruption on about 1 in 40 passwords.)
Diffstat (limited to 'editusers.cgi')
| -rwxr-xr-x | editusers.cgi | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/editusers.cgi b/editusers.cgi index ccb108e79..5b5d7e526 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -277,21 +277,13 @@ if ($action eq 'new') { } - sub x { - my $sc="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./"; - return substr($sc, int (rand () * 100000) % (length ($sc) + 1), 1); - } - - my $salt = x() . x(); - my $cryptpassword = crypt($password, $salt); - # Add the new user SendSQL("INSERT INTO profiles ( " . "login_name, password, cryptpassword, realname, groupset" . " ) VALUES ( " . SqlQuote($user) . "," . SqlQuote($password) . "," . - SqlQuote($cryptpassword) . "," . + "encrypt(" . SqlQuote($password) . ")," . SqlQuote($realname) . "," . $bits . ")" ); |