From 7a82c6f7780fdedc4ce4730195b075dfc0e4f3e6 Mon Sep 17 00:00:00 2001 From: Kanti Date: Wed, 6 Aug 2014 07:11:11 +0200 Subject: [PATCH] Revert "Added Blackcodec's password security code" This reverts commit 7963ae985424147c490b3e8c85ac9482a3220f54. --- config/users/username.ini.example | 4 ---- system/admin/admin.php | 12 ++++-------- 2 files changed, 4 insertions(+), 12 deletions(-) diff --git a/config/users/username.ini.example b/config/users/username.ini.example index 6154b62..befaed5 100644 --- a/config/users/username.ini.example +++ b/config/users/username.ini.example @@ -1,9 +1,5 @@ ;Password password = yourpassword -encryption = clear -; encryption: not set, leave blank or set to clear or none to use plain text password for the user, -; else set to encryption algoritm supported by hash function of php to use the selected -; encryption ;Role role = admin \ No newline at end of file diff --git a/system/admin/admin.php b/system/admin/admin.php index 90c9922..6f8dce8 100644 --- a/system/admin/admin.php +++ b/system/admin/admin.php @@ -15,20 +15,16 @@ function user($key, $user = null) { // Create a session function session($user, $pass, $str = null) { $user_file = 'config/users/' . $user . '.ini'; - $user_enc = user('encryption', $user); $user_pass = user('password', $user); - $password = (strlen($user_enc) > 0 && $user_enc !== 'clear' && $user_enc !== 'none')?hash($user_enc,$pass):$pass; - if(file_exists($user_file)) { - if($pass === $user_pass) { + if (file_exists($user_file)) { + if ($pass === $user_pass) { $_SESSION[config("site.url")]['user'] = $user; header('location: admin'); - } - else { + } else { return $str = '
  • Your username and password mismatch.
    • '; } - } - else { + } else { return $str = '
  • Username not found in our record.
    • '; } }