evolix
/
evoadmin-web
22
0
Fork 1
Code Issues 33 Pull Requests 6 Releases 1 Wiki Activity

Make the change on the login mechanism compatible with old configurations

This commit is contained in:
Ludovic Poujol 2022-07-07 11:22:47 +02:00
parent d746aa445e
commit 66ceacd918
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
inc/auth.php
View File

@ -16,7 +16,14 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST)) {
$input_username = $_POST['login'];
$input_password = $_POST['passw'];
if (isset($conf['logins'][$input_username]) && password_verify($input_password, $conf['logins'][$input_username]) ) {
if (isset($conf['logins'][$input_username]) && strlen($conf['logins'][$input_username]) != 64 && password_verify($input_password, $conf['logins'][$input_username]) ) {
$_SESSION['auth'] = true;
$_SESSION['user'] = $input_username;
$_SESSION['user_id'] = posix_getpwnam($input_username) ? posix_getpwnam($input_username)['uid'] : 65534;
unset($_SESSION['error']);
} elseif (isset($conf['logins'][$input_username]) && strlen($conf['logins'][$input_username]) == 64 && hash("sha256",$input_password) === $conf['logins'][$input_username]) {
// Compatibility mode for previous installs (sha256)
$_SESSION['auth'] = true;
$_SESSION['user'] = $input_username;
$_SESSION['user_id'] = posix_getpwnam($input_username) ? posix_getpwnam($input_username)['uid'] : 65534;