|
@ -49,7 +49,7 @@ function login($username, $password, $makehash=true) { |
|
|
'username' => $username, |
|
|
'username' => $username, |
|
|
'hash' => mkhash($username, $password), |
|
|
'hash' => mkhash($username, $password), |
|
|
'boards' => explode(',', $user['boards']) |
|
|
'boards' => explode(',', $user['boards']) |
|
|
); |
|
|
); |
|
|
} else return false; |
|
|
} else return false; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
@ -108,7 +108,7 @@ if (isset($_COOKIE[$config['cookies']['mod']])) { |
|
|
$user = $query->fetch(); |
|
|
$user = $query->fetch(); |
|
|
|
|
|
|
|
|
// validate password hash |
|
|
// validate password hash |
|
|
if ($cookie[1] != mkhash($cookie[0], $user['password'], $cookie[2])) { |
|
|
if ($cookie[1] !== mkhash($cookie[0], $user['password'], $cookie[2])) { |
|
|
// Malformed cookies |
|
|
// Malformed cookies |
|
|
destroyCookies(); |
|
|
destroyCookies(); |
|
|
error($config['error']['malformed']); |
|
|
error($config['error']['malformed']); |
|
|