From 1a2c47986c9c64c3b190469618f6536d9658b614 Mon Sep 17 00:00:00 2001 From: Gregory Colpart Date: Fri, 1 Sep 2017 03:35:16 +0200 Subject: [PATCH] Put auth hashs in conf file --- conf/config.php | 5 +++++ inc/auth.php | 7 +------ 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/conf/config.php b/conf/config.php index fbd5ed2..146f86d 100644 --- a/conf/config.php +++ b/conf/config.php @@ -36,3 +36,8 @@ $oriconf['noreplication'] = array('srv00.example.com', 'srv01.example.com', 'srv $oriconf['postponedreplication'] = array('srv00.example.com', 'srv01.example.com', 'srv02.example.com'); $oriconf['immediatereplication'] = array('srv00.example.com', 'srv01.example.com'); $oriconf['postponedreplication_mode'] = array('1 fois/jour', '3 fois/jour', '1 fois/jour'); + +// auth (sha256 hashs) +$oriconf['logins'] = array(); +//$oriconf['logins']['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477'; +//$oriconf['logins']['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303'; diff --git a/inc/auth.php b/inc/auth.php index bc2e978..4f709d9 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -13,16 +13,11 @@ * @version 1.0 */ -// sha256 hashs (TODO: move in conf file) -$logins=array(); -$logins['foo'] = 'd5d3c723fb82cb0078f399888af78204234535ec2ef3da56710fdd51f90d2477'; -$logins['bar'] = '7938c84d6e43d1659612a7ea7c1101ed02e52751bb64597a8c20ebaba8ba4303'; - if ((empty($_GET['form']) || $_GET['form']!=1) && !empty($_POST)) { $username=$_POST['login']; $password=$_POST['passw']; - if (hash("sha256",$password) == $logins[$username]) { + if (hash("sha256",$password) == $conf['logins'][$username]) { $_SESSION['auth']=1; $_SESSION['user']=$username; $_SESSION['error']='';