diff options
| author | Cydrobolt <summermontreal@gmail.com> | 2014-03-11 03:13:10 +0400 |
|---|---|---|
| committer | Cydrobolt <summermontreal@gmail.com> | 2014-03-11 03:14:46 +0400 |
| commit | 1bc97e66c94fe9c91572de44bfa65d020afebf54 (patch) | |
| tree | 050d9e25a468adad486a26073b32945c76c79780 | |
| parent | 2ac5efc7ddd390ee5a19c55465b0ef14f2869184 (diff) | |
pw hashing
| -rw-r--r-- | dev/index.php | 2 | ||||
| -rw-r--r-- | dev/setup.php | 5 |
2 files changed, 4 insertions, 3 deletions
diff --git a/dev/index.php b/dev/index.php index d4718a1..74d3d01 100644 --- a/dev/index.php +++ b/dev/index.php @@ -6,7 +6,7 @@ echo "<h2>Enter password to proceed:</h2>"; echo "<form action='index.php' method='post'><br><input type='password' name='pw' /><br><input type='submit' value='Log in' /></form>"; die(); } -else if($_POST['pw']==$ppass) { +else if(md5(sha1($_POST['pw']."523422da3a33")+sha1($version.$reldate))==$ppass) { echo "<!--logged in-->"; } else if($ppfrontend!=true) { diff --git a/dev/setup.php b/dev/setup.php index 3453a7d..9fb2ac7 100644 --- a/dev/setup.php +++ b/dev/setup.php @@ -18,13 +18,14 @@ <span><h1>Polr setup</h1></span><br> <?php @(include('config.php')); + include ('version.php'); if (isset($ppass)) { if(!isset($_POST['pw'])) { echo "<h2>Enter password to proceed:</h2>"; echo "<form action='setup.php' method='post'><br><input type='password' name='pw' /><br><input type='submit' value='Log in' /></form>"; die(); } - else if($_POST['pw']==$ppass) { + else if(md5(sha1($_POST['pw']."523422da3a33")+sha1($version.$reldate))==$ppass) { echo ""; } else { @@ -44,7 +45,7 @@ '$db="'.$_POST['dbname'].'";'. '$wsa = "'.$_POST['appurl'].'";'. '$wsn = "'.$_POST['appname'].'";'. - '$ppass = "'.$_POST['protpass'].'";'. + '$ppass = "'.md5(sha1($_POST['protpass']."523422da3a33")+sha1($version.$reldate)).'";'. '$ppfrontend = "'.$_POST['pp'].'";'. '$ip = $_SERVER[\'REMOTE_ADDR\']; ?>'; |