]>
git.wh0rd.org - tt-rss.git/blob - classes/auth_internal.php
2 class Auth_Internal
extends Auth_Base
{
4 function authenticate($login, $password) {
6 $pwd_hash1 = encrypt_password($password);
7 $pwd_hash2 = encrypt_password($password, $login);
8 $login = db_escape_string($login);
10 if (get_schema_version($this->link
) > 87) {
12 $result = db_query($this->link
, "SELECT salt FROM ttrss_users WHERE
15 if (db_num_rows($result) != 1) {
19 $salt = db_fetch_result($result, 0, "salt");
24 FROM ttrss_users WHERE
25 login = '$login' AND (pwd_hash = '$pwd_hash1' OR
26 pwd_hash = '$pwd_hash2')";
28 // verify and upgrade password to new salt base
30 $result = db_query($this->link
, $query);
32 if (db_num_rows($result) == 1) {
33 // upgrade password to MODE2
35 $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
36 $pwd_hash = encrypt_password($password, $salt, true);
38 db_query($this->link
, "UPDATE ttrss_users SET
39 pwd_hash = '$pwd_hash', salt = '$salt' WHERE login = '$login'");
42 FROM ttrss_users WHERE
43 login = '$login' AND pwd_hash = '$pwd_hash'";
51 $pwd_hash = encrypt_password($password, $salt, true);
54 FROM ttrss_users WHERE
55 login = '$login' AND pwd_hash = '$pwd_hash'";
61 FROM ttrss_users WHERE
62 login = '$login' AND (pwd_hash = '$pwd_hash1' OR
63 pwd_hash = '$pwd_hash2')";
66 $result = db_query($this->link
, $query);
68 if (db_num_rows($result) == 1) {
69 return db_fetch_result($result, 0, "id");