improved password generating method (salt + SHA-256)

2015-02-15 16:23:01 +01:00
parent a542813c8f
commit bf23339cfe
3 changed files with 21 additions and 6 deletions
--- a/inc/controllers/AdminController.class.php
+++ b/inc/controllers/AdminController.class.php
@@ -144,7 +144,7 @@ class AdminController extends Controller
 								$av = $user_info['avatar']; //if new avatar is not set
 					
 						if ($_POST['passwd'] != '')
-							$this->getModel('UsersModel')->changeUserPassword($_GET['id'], sha1($_POST['passwd']));
+							$this->getModel('UsersModel')->changeUserPassword($_GET['id'], $user_info['nick'], $_POST['passwd']);
 						
 						$this->getModel('UsersModel')->changeUserRank($_GET['id'], $_POST['user_rank']);
 						$this->getModel('UsersModel')->updateUserProfile($_GET['id'], $_POST['nick'], $_POST['email'], $_POST['location'], $_POST['signature'], $av);