remove support for plain-text passwords
This commit is contained in:
parent
68511f86ac
commit
7f16656eb7
3 changed files with 5 additions and 4 deletions
|
@ -740,8 +740,7 @@
|
||||||
$pwd_hash = 'SHA1:' . sha1($password);
|
$pwd_hash = 'SHA1:' . sha1($password);
|
||||||
|
|
||||||
$result = db_query($link, "SELECT id,login,access_level FROM ttrss_users WHERE
|
$result = db_query($link, "SELECT id,login,access_level FROM ttrss_users WHERE
|
||||||
login = '$login' AND ((pwd_hash = '$password' AND '$password' = 'password')
|
login = '$login' AND pwd_hash = '$pwd_hash'");
|
||||||
OR pwd_hash = '$pwd_hash')");
|
|
||||||
|
|
||||||
if (db_num_rows($result) == 1) {
|
if (db_num_rows($result) == 1) {
|
||||||
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
|
$_SESSION["uid"] = db_fetch_result($result, 0, "id");
|
||||||
|
|
|
@ -34,7 +34,8 @@ create table ttrss_users (id integer primary key not null auto_increment,
|
||||||
index (theme_id),
|
index (theme_id),
|
||||||
foreign key (theme_id) references ttrss_themes(id)) TYPE=InnoDB;
|
foreign key (theme_id) references ttrss_themes(id)) TYPE=InnoDB;
|
||||||
|
|
||||||
insert into ttrss_users (login,pwd_hash,access_level) values ('admin', 'password', 10);
|
insert into ttrss_users (login,pwd_hash,access_level) values ('admin',
|
||||||
|
'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8', 10);
|
||||||
|
|
||||||
create table ttrss_feed_categories(id integer not null primary key auto_increment,
|
create table ttrss_feed_categories(id integer not null primary key auto_increment,
|
||||||
owner_uid integer not null,
|
owner_uid integer not null,
|
||||||
|
|
|
@ -32,7 +32,8 @@ create table ttrss_users (id serial not null primary key,
|
||||||
email varchar(250) not null default '',
|
email varchar(250) not null default '',
|
||||||
theme_id integer references ttrss_themes(id) default null);
|
theme_id integer references ttrss_themes(id) default null);
|
||||||
|
|
||||||
insert into ttrss_users (login,pwd_hash,access_level) values ('admin', 'password', 10);
|
insert into ttrss_users (login,pwd_hash,access_level) values ('admin',
|
||||||
|
'SHA1:5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8', 10);
|
||||||
|
|
||||||
create table ttrss_feed_categories(id serial not null primary key,
|
create table ttrss_feed_categories(id serial not null primary key,
|
||||||
owner_uid integer not null references ttrss_users(id) on delete cascade,
|
owner_uid integer not null references ttrss_users(id) on delete cascade,
|
||||||
|
|
Loading…
Reference in a new issue