From b4ee69ed8d1656c6b70ba74d4e9542caac9d55c1 Mon Sep 17 00:00:00 2001
From: marcus
Date: Mon, 4 Aug 2008 10:59:16 +0000
Subject: Closes #193: Added salt field to database and new users will be generated with salted passwords. Existing users remain unchanged and should still be able to log in. Requires a schema change and the following code run against the database: alter table elggusers_entity add column salt varchar(8) NOT NULL default '' after password;
git-svn-id: https://code.elgg.org/elgg/trunk@1676 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/sessions.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
(limited to 'engine/lib/sessions.php')
diff --git a/engine/lib/sessions.php b/engine/lib/sessions.php
index a47415d64..279beb107 100644
--- a/engine/lib/sessions.php
+++ b/engine/lib/sessions.php
@@ -80,7 +80,7 @@ // Let admins log in without validating their email, but normal users must have validated their email if ((!$user->admin) && (!$user->validated_email)) return false;
-
+
 if ($user->password == generate_user_password($user, $credentials['password'])) { return true; }
@@ -102,7 +102,7 @@ function login(ElggUser $user, $persistent = false) { global $CONFIG;
-
+
 $_SESSION['user'] = $user; $_SESSION['guid'] = $user->getGUID(); $_SESSION['id'] = $_SESSION['guid'];
--
cgit v1.2.3