Unverified Commit 43aa5b44 authored by Amin.MasterkinG's avatar Amin.MasterkinG Committed by GitHub
Browse files

Fix password change.

parent e0be6896
......@@ -139,7 +139,7 @@ class user
if (!empty($userinfo["username"])) {
$Old_hashed_pass = strtoupper(sha1(strtoupper($userinfo["username"] . ":" . $_POST["old_password"])));
$hashed_pass = strtoupper(sha1(strtoupper($userinfo["username"] . ":" . $_POST["password"])));
if ($userinfo["sha_pass_hash"] == $Old_hashed_pass) {
if (strtoupper($userinfo["sha_pass_hash"]) == $Old_hashed_pass) {
database::$auth->update("account", [
"sha_pass_hash" => $antiXss->xss_clean($hashed_pass),
"sessionkey" => "",
......@@ -191,7 +191,7 @@ class user
if (!empty($userinfo["username"])) {
$Old_hashed_pass = strtoupper(sha1(strtoupper($userinfo["username"] . ":" . $_POST["old_password"])));
$hashed_pass = strtoupper(sha1(strtoupper($userinfo["username"] . ":" . $_POST["password"])));
if ($userinfo["sha_pass_hash"] == $Old_hashed_pass) {
if (strtoupper($userinfo["sha_pass_hash"]) == $Old_hashed_pass) {
database::$auth->update("account", [
"sha_pass_hash" => $antiXss->xss_clean($hashed_pass),
"sessionkey" => "",
......@@ -263,4 +263,4 @@ class user
}
return false;
}
}
\ No newline at end of file
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment