fix for bug #1482
This commit is contained in:
Andreas Grundler
@@ -372,7 +372,7 @@ if ($page == 'admins'
|
||||
|
||||
$ins_data = array(
|
||||
'loginname' => $loginname,
|
||||
'password' => md5($password),
|
||||
'password' => makeCryptPassword($password),
|
||||
'name' => $name,
|
||||
'email' => $email,
|
||||
'lang' => $def_language,
|
||||
@@ -637,7 +637,7 @@ if ($page == 'admins'
|
||||
} else {
|
||||
if ($password != '') {
|
||||
$password = validatePassword($password);
|
||||
$password = md5($password);
|
||||
$password = makeCryptPassword($password);
|
||||
} else {
|
||||
$password = $result['password'];
|
||||
}
|
||||
|
||||
@@ -645,7 +645,7 @@ if ($page == 'customers'
|
||||
$ins_data = array(
|
||||
'adminid' => $userinfo['adminid'],
|
||||
'loginname' => $loginname,
|
||||
'passwd' => md5($password),
|
||||
'passwd' => makeCryptPassword($password),
|
||||
'name' => $name,
|
||||
'firstname' => $firstname,
|
||||
'gender' => $gender,
|
||||
@@ -1215,7 +1215,7 @@ if ($page == 'customers'
|
||||
|
||||
if ($password != '') {
|
||||
$password = validatePassword($password);
|
||||
$password = md5($password);
|
||||
$password = makeCryptPassword($password);
|
||||
} else {
|
||||
$password = $result['password'];
|
||||
}
|
||||
|
||||
@@ -199,7 +199,7 @@ if ($page == 'overview') {
|
||||
) {
|
||||
$old_password = validate($_POST['old_password'], 'old password');
|
||||
|
||||
if (md5($old_password) != $userinfo['password']) {
|
||||
if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_ADMINS,'adminid')) {
|
||||
standard_error('oldpasswordnotcorrect');
|
||||
exit;
|
||||
}
|
||||
@@ -219,13 +219,11 @@ if ($page == 'overview') {
|
||||
$chgpwd_stmt = Database::prepare("
|
||||
UPDATE `" . TABLE_PANEL_ADMINS . "`
|
||||
SET `password`= :newpasswd
|
||||
WHERE `adminid`= :adminid
|
||||
AND `password`= :oldpasswd"
|
||||
WHERE `adminid`= :adminid"
|
||||
);
|
||||
Database::pexecute($chgpwd_stmt, array(
|
||||
'newpasswd' => md5($new_password),
|
||||
'adminid' => (int)$userinfo['adminid'],
|
||||
'oldpasswd' => md5($old_password)
|
||||
'newpasswd' => makeCryptPassword($new_password),
|
||||
'adminid' => (int)$userinfo['adminid']
|
||||
));
|
||||
$log->logAction(ADM_ACTION, LOG_NOTICE, 'changed password');
|
||||
redirectTo($filename, Array('s' => $s));
|
||||
|
||||
@@ -99,7 +99,7 @@ if ($page == 'overview') {
|
||||
} elseif ($page == 'change_password') {
|
||||
if (isset($_POST['send']) && $_POST['send'] == 'send') {
|
||||
$old_password = validate($_POST['old_password'], 'old password');
|
||||
if (md5($old_password) != $userinfo['password']) {
|
||||
if (!validatePasswordLogin($userinfo,$old_password,TABLE_PANEL_CUSTOMERS,'customerid')) {
|
||||
standard_error('oldpasswordnotcorrect');
|
||||
exit;
|
||||
}
|
||||
@@ -119,13 +119,11 @@ if ($page == 'overview') {
|
||||
// Update user password
|
||||
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
|
||||
SET `password` = :newpassword
|
||||
WHERE `customerid` = :customerid
|
||||
AND `password` = :oldpassword"
|
||||
WHERE `customerid` = :customerid"
|
||||
);
|
||||
$params = array(
|
||||
"newpassword" => md5($new_password),
|
||||
"customerid" => $userinfo['customerid'],
|
||||
"oldpassword" => md5($old_password)
|
||||
"newpassword" => makeCryptPassword($new_password),
|
||||
"customerid" => $userinfo['customerid']
|
||||
);
|
||||
Database::pexecute($stmt, $params);
|
||||
$log->logAction(USR_ACTION, LOG_NOTICE, 'changed password');
|
||||
|
||||
Reference in New Issue
Block a user