SPIP/compteSPIP
SPIP/compteSPIP
4
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

si pas de js, alors mdp < 50 caracteres => on crypte en php

Browse source
This commit is contained in:
Christophe 2020-08-13 23:33:12 +02:00
parent f40861317c
commit 81bf469c99
1 changed files with 27 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

23
formulaires/editer_compte_spip.php
View file

@ -131,17 +131,38 @@ function formulaires_editer_compte_spip_traiter_dist($id_auteur = 'new', $redir
$login = strtolower(str_replace($search, $replace, _request('nom')));
$login .= '_'.$id_auteur;
$set['login'] = $login;
$set['statut'] = $mode;
if (strlen($password) < 50) {
include_spip('inc/acces');
include_spip('auth/sha256.inc');
$alea_actuel = creer_uniqid();
$pass = spip_sha256($alea_actuel . $password);
$set['pass'] = $pass;
$set['alea_actuel'] = $alea_actuel;
$set['alea_futur'] = $alea_actuel;
} else {
$set['pass'] = $password;
$set['alea_actuel'] = "";
$set['alea_futur'] = creer_uniqid();
$set['statut'] = $mode;
}
} else {
if ($password) {
// si le password fait moins de 50 caracteres, on peut penser que le javascript n'a pas fonctionné, on crypte alors le mdp
if (strlen($password) < 50) {
include_spip('inc/acces');
include_spip('auth/sha256.inc');
$alea_actuel = creer_uniqid();
$pass = spip_sha256($alea_actuel . $password);
$set['pass'] = $pass;
$set['alea_actuel'] = $alea_actuel;
$set['alea_futur'] = $alea_actuel;
} else {
$set['pass'] = $password;
$set['alea_actuel'] = "";
$set['alea_futur'] = creer_uniqid();
}
}
}
if (!empty($saisies)) {