projects
/
e-DoKo.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
updated copyright for 2013
[e-DoKo.git]
/
include
/
login.php
diff --git
a/include/login.php
b/include/login.php
index ab7b48a5d971f41f095e4b4781e8d7e4a4666177..caaf4e13e222245e622e52621e0aa8ec4e19bb75 100644
(file)
--- a/
include/login.php
+++ b/
include/login.php
@@
-1,5
+1,5
@@
<?php
<?php
-/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012 Arun Persaud <arun@nubati.net>
+/* Copyright 2006, 2007, 2008, 2009, 2010, 2011, 2012
, 2013
Arun Persaud <arun@nubati.net>
*
* This file is part of e-DoKo.
*
*
* This file is part of e-DoKo.
*
@@
-85,21
+85,27
@@
else if(myisset('email','password'))
$password = $_REQUEST['password'];
/* verify password and email */
$password = $_REQUEST['password'];
/* verify password and email */
- if(strlen($password)!=32)
- $password = md5($password);
$ok = 1;
$ok = 1;
- $myid = DB_get_userid('email-password',$email,$password);
- if(!$myid)
- $ok = 0;
+ $myid = DB_get_userid('email',$email);
- if($ok)
+ $result = verify_password($email, $password);
+ switch($result)
{
{
- /* user information is ok, set session variabel */
- $myname = DB_get_name('email',$email);
+ case 0:
+ /* user information is ok, set session variable */
+ $myname = DB_get_name('email',$email);
+ $hashedpassword = DB_get_passwd_by_userid($myid);
$_SESSION['name'] = $myname;
$_SESSION['id'] = $myid;
$_SESSION['name'] = $myname;
$_SESSION['id'] = $myid;
- $_SESSION['pass'] = $password;
+ $_SESSION['pass'] = $hashedpassword;
+ break;
+ case 1:
+ echo "Can't find you in the database\n";
+ break;
+ case 2:
+ echo "Problem creating password hash, please contact $ADMIN at $ADMIN_EMAIL\n";
+ break;
}
}
else
}
}
else