perdedora/leftypol
1
0
Fork 0
forked from leftypol/leftypol
Code Pull requests Activity

auth.php: no need to repass version anymore in test_password

Browse source
This commit is contained in:
fowr 2025-04-16 14:44:37 -03:00 committed by Zankaria
parent f7bef11ac9
commit 715005ec96
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
inc/mod/auth.php
View file

@ -55,7 +55,7 @@ function crypt_password($password) {
return [ $version, $r ];
}
function test_password(string $db_hash, string|int $version, string $input_password): array {
function test_password(string $db_hash, string|int $version, string $input_password): bool {
// Version = 0 denotes an old password hashing schema. In the same column, the
// password hash was kept previously
$version = (int)$version;
@ -65,7 +65,7 @@ function test_password(string $db_hash, string|int $version, string $input_passw
$pre_hash = \hash('tiger160,3', $input_password, false);
$ok = \password_verify($pre_hash, $db_hash);
}
return [ $version, $ok ];
return $ok;
}
function generate_salt() {
@ -80,7 +80,7 @@ function login($username, $password) {
$query->execute() or error(db_error($query));
if ($user = $query->fetch(PDO::FETCH_ASSOC)) {
list($version, $ok) = test_password($user['password'], $user['version'], $password);
$ok = test_password($user['password'], $user['version'], $password);
if ($ok) {
if ((int)$user['version'] < 2) {