Skip to content

Commit

Permalink
Update recover.php
Browse files Browse the repository at this point in the history
Add Bcrypt to password reset
  • Loading branch information
l3oncoder committed Jan 27, 2022
1 parent 6ee0436 commit 6cff93e
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions recover.php
Original file line number Diff line number Diff line change
Expand Up @@ -130,9 +130,9 @@
$email = $arr['email'];

$newpassword = pass_the_salt(30);
$multipass = hash_generate(['salt' => ''], $newpassword, $arr['username']);
$multipass = password_hash($newpassword, PASSWORD_BCRYPT);
$i = $btit_settings['secsui_pass_type'];
do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `password`='".mysqli_real_escape_string($GLOBALS['conn'], $multipass[$i]['rehash'])."', `salt`='".mysqli_real_escape_string($GLOBALS['conn'], $multipass[$i]['salt'])."', `pass_type`='".$i."', `dupe_hash`='".mysqli_real_escape_string($GLOBALS['conn'], $multipass[$i]['dupehash'])."' WHERE `id`=$id AND `random`=$random", true);
do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `password`='".mysqli_real_escape_string($GLOBALS['conn'], $multipass)."', `salt`='', `pass_type`='', `dupe_hash`='' WHERE `id`=$id AND `random`=$random", true);

if (!mysqli_affected_rows($GLOBALS['conn'])) {
stderr($language['ERROR'], $language['ERR_UPDATE_USER']);
Expand Down

0 comments on commit 6cff93e

Please sign in to comment.