/**
 * Check a submitted password against a stored hash.
 *
 * Stored values without a ':' separator are treated as legacy unsalted md5
 * digests; anything else is re-hashed via salted_hash() with the stored
 * value passed as the salt argument. Both paths use secure_compare().
 *
 * @param string $plain  The password as submitted
 * @param string $hashed The hash currently stored for the account
 *
 * @return bool True when the two match
 */
function compare_passwords($plain, $hashed) {
    $legacyUnsalted = (strpos($hashed, ':') === false);
    $candidate = $legacyUnsalted
        ? md5($plain)
        : salted_hash($plain, $hashed);

    return secure_compare($candidate, $hashed);
}
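/**
 * Determine if the password is correct and salt it if it hasn't been already
 *
 * The user ID and the computed hash are bound as statement parameters rather
 * than concatenated into the SQL text, so a caller-supplied ID cannot alter
 * the query.
 *
 * @param string $userID The user ID to check the password against
 * @param string $passwd The password the visitor sent
 *
 * @return bool True if password was correct and properly salted, otherwise false
 */
function valid_passwd($userID, $passwd) {
    $dbh = DB::connect();
    if ((string) $passwd === '') {
        return false;
    }

    /* One parameterised statement covers both the salted and the legacy path. */
    $stmt = $dbh->prepare("SELECT ID FROM Users WHERE ID = ? AND Passwd = ?");
    if (!$stmt) {
        return false;
    }

    /* Get salt for this user; without one the stored value is a bare md5. */
    $salt = get_salt($userID);
    $hash = $salt ? salted_hash($passwd, $salt) : md5($passwd);

    if (!$stmt->execute(array($userID, $hash))) {
        return false;
    }
    $row = $stmt->fetch(PDO::FETCH_NUM);
    /* fetch() returns false when no row matched; guard before indexing. */
    if ($row === false || !$row[0]) {
        return false;
    }

    if ($salt) {
        return true;
    }

    /* Password correct, but salt it first! */
    if (!save_salt($userID, $passwd)) {
        trigger_error("Unable to salt user's password;" . " ID " . $userID, E_USER_WARNING);
        return false;
    }
    return true;
}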
exit; } $error = 0; $current_user_password = trim($HTTP_POST_VARS['current_user_password']); $user_password = trim($HTTP_POST_VARS['user_password']); $user_password2 = trim($HTTP_POST_VARS['user_password2']); if (!compare_passwords($current_user_password, $user_info['user_password'])) { $msg .= ($msg != "" ? "<br />" : "") . $lang['update_password_error']; $error = 1; } if ($user_password != $user_password2 || $user_password == "") { $msg .= ($msg != "" ? "<br />" : "") . $lang['update_password_confirm_error']; $error = 1; } if (!$error) { $user_password_hashed = salted_hash($user_password); $sql = "UPDATE " . USERS_TABLE . "\n SET " . get_user_table_field("", "user_password") . " = '" . $user_password_hashed . "'\n WHERE " . get_user_table_field("", "user_id") . " = " . $user_info['user_id']; $site_db->query($sql); $msg = $lang['update_password_success']; $user_info = $site_sess->load_user_info($user_info['user_id']); } $action = "editprofile"; } if ($action == "editprofile") { $txt_clickstream = $lang['control_panel']; if ($user_info['user_level'] == GUEST) { show_error_page($lang['no_permission']); exit; } $user_name = $user_info['user_name']; if (!$update_process) {
if (empty($cont)) { $error_log[] = "Could not load: " . $db_file; } if (empty($error_log)) { $cont = preg_replace('/4images_/', $table_prefix, $cont); $pieces = split_sql_dump($cont); for ($i = 0; $i < sizeof($pieces); $i++) { $sql = trim($pieces[$i]); if (!empty($sql) and $sql[0] != "#") { if (!$site_db->query($sql)) { $error_log[] = $sql; } } } include ROOT_PATH . 'includes/security_utils.php'; $admin_pass_hashed = salted_hash($admin_password); $current_time = time(); $sql = "UPDATE " . $table_prefix . "users\n SET user_name = '{$admin_user}', user_password = '******', user_joindate = {$current_time}, user_lastaction = {$current_time}, user_lastvisit = {$current_time}\n WHERE user_name = 'admin'"; if (!$site_db->query($sql)) { $error_log[] = $sql; } $sql = "UPDATE " . $table_prefix . "settings\n SET setting_value = '{$install_lang}'\n WHERE setting_name = 'language_dir'"; if (!$site_db->query($sql)) { $error_log[] = $sql; } } if (empty($error_log)) { $config_file = '<?php' . "\n"; $config_file .= '/**************************************************************************' . "\n"; $config_file .= ' * *' . "\n"; $config_file .= ' * 4images - A Web Based Image Gallery Management System *' . "\n";
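/**
 * Save a user's salted password in the database
 *
 * The salt, hash and user ID are bound as statement parameters so the ID
 * never becomes part of the SQL text.
 *
 * @param string $user_id The user ID of the user who is salting their password
 * @param string $passwd The password of the user logging in
 *
 * @return int|false Number of rows updated, or false if the statement failed
 */
function save_salt($user_id, $passwd) {
    $dbh = DB::connect();
    $salt = generate_salt();
    $hash = salted_hash($passwd, $salt);

    $stmt = $dbh->prepare("UPDATE Users SET Salt = ?, Passwd = ? WHERE ID = ?");
    if (!$stmt) {
        return false;
    }
    if (!$stmt->execute(array($salt, $hash, $user_id))) {
        return false;
    }
    /* Mirror exec(): report the affected-row count so callers' !save_salt() checks keep working. */
    return $stmt->rowCount();
}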
$password = $_POST['password']; $confirm = $_POST['confirm']; $uid = uid_from_email($email); if (empty($email) || empty($password)) { $error = __('Missing a required field.'); } elseif ($password != $confirm) { $error = __('Password fields do not match.'); } elseif (!good_passwd($password)) { $length_min = config_get_int('options', 'passwd_min_len'); $error = __("Your password must be at least %s characters.", $length_min); } elseif ($uid == null) { $error = __('Invalid e-mail.'); } if (empty($error)) { $salt = generate_salt(); $hash = salted_hash($password, $salt); $error = password_reset($hash, $salt, $resetkey, $email); } } elseif (isset($_POST['email'])) { $email = $_POST['email']; $username = username_from_id(uid_from_email($email)); if (empty($email)) { $error = __('Missing a required field.'); } else { send_resetkey($email); header('Location: ' . get_uri('/passreset/') . '?step=confirm'); exit; } } $step = isset($_GET['step']) ? $_GET['step'] : NULL; html_header(__("Password Reset"));