When a new password is generated, the salt is now regenerated first. Fixes #726.

git-svn-id: https://code.elgg.org/elgg/trunk@2637 36083f99-b078-4883-b0ff-0f9b5a30f544
author: ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> 2009-02-04 12:50:49 +0000
committer: ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544> 2009-02-04 12:50:49 +0000
commit: f5a5a7b37580e6c5fc34d9b4c5729eeb18e5e7db (patch)
tree: 469698eb679b05dd502567cffeebd11b360af1ee /engine/lib/users.php
parent: 4f121eefd2c13defbc7b29077cdb9a6dace7c5bb (diff)
download: elgg-f5a5a7b37580e6c5fc34d9b4c5729eeb18e5e7db.tar.gz
elgg-f5a5a7b37580e6c5fc34d9b4c5729eeb18e5e7db.tar.bz2
1 files changed, 2 insertions, 2 deletions
diff --git a/engine/lib/users.php b/engine/lib/users.php
index 6dabbc9d2..baf3b5950 100644
--- a/engine/lib/users.php
+++ b/engine/lib/users.php
@@ -964,8 +964,8 @@
 			
 			if ($user)
 			{
-				$hash = generate_user_password($user, $password);
-				$salt = generate_random_cleartext_password(); // Reset the salt 
+				$salt = generate_random_cleartext_password(); // Reset the salt
+				$hash = generate_user_password($user, $password);
 				
 				return update_data("UPDATE {$CONFIG->dbprefix}users_entity set password='$hash', salt='$salt' where guid=$user_guid");
 			}
author	ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>	2009-02-04 12:50:49 +0000
committer	ben <ben@36083f99-b078-4883-b0ff-0f9b5a30f544>	2009-02-04 12:50:49 +0000
commit	f5a5a7b37580e6c5fc34d9b4c5729eeb18e5e7db (patch)
tree	469698eb679b05dd502567cffeebd11b360af1ee /engine/lib/users.php
parent	4f121eefd2c13defbc7b29077cdb9a6dace7c5bb (diff)
download	elgg-f5a5a7b37580e6c5fc34d9b4c5729eeb18e5e7db.tar.gz elgg-f5a5a7b37580e6c5fc34d9b4c5729eeb18e5e7db.tar.bz2