[Evolvis-commits] r126: remove unsafe use of MD5Password↵

mirabilos at evolvis.org mirabilos at evolvis.org
Mon Jun 8 11:37:50 CEST 2009


Author: mirabilos
Date: 2009-06-08 09:37:50 +0000 (Mon, 08 Jun 2009)
New Revision: 126

Modified:
   branches/php-v5-sid-branch/www/account/index.php
Log:
remove unsafe use of MD5Password


Modified: branches/php-v5-sid-branch/www/account/index.php
===================================================================
--- branches/php-v5-sid-branch/www/account/index.php	2009-06-08 08:43:07 UTC (rev 125)
+++ branches/php-v5-sid-branch/www/account/index.php	2009-06-08 09:37:50 UTC (rev 126)
@@ -66,13 +66,8 @@
 
 /*
 //needs security audit
-	if ($remember_user) {
-		// set cookie, expire in 3 months
-		setcookie("sf_user_hash",$u->getID().'_'.substr($u->getMD5Passwd(),0,16),time()+90*24*60*60,'/');
-	} else {
 		// remove cookie
 		setcookie("sf_user_hash",'',0,'/');
-	}
 */
 	// Refresh page if language or theme changed
 	$refresh = ($language != $u->getLanguage() || $theme_id != $u->getThemeID());




More information about the evolvis-commits mailing list