summaryrefslogtreecommitdiff
path: root/includes
diff options
context:
space:
mode:
authorGreg Roach <fisharebest@gmail.com>2014-09-19 20:59:10 +0100
committerGreg Roach <fisharebest@gmail.com>2014-09-19 20:59:10 +0100
commit02a2224b6674a9c0ccdab3768f68a5a8a1367cad (patch)
tree4c58a5652d2ce1d54da1a6e5c571be9bf4366281 /includes
parent387eb279f5c8cc5dde900f4cf9829a7be8980153 (diff)
downloadwebtrees-02a2224b6674a9c0ccdab3768f68a5a8a1367cad.tar.gz
webtrees-02a2224b6674a9c0ccdab3768f68a5a8a1367cad.tar.bz2
webtrees-02a2224b6674a9c0ccdab3768f68a5a8a1367cad.zip
Unused code
Diffstat (limited to 'includes')
-rw-r--r--includes/session.php33
1 files changed, 30 insertions, 3 deletions
diff --git a/includes/session.php b/includes/session.php
index 7d58dc659f..25d8982204 100644
--- a/includes/session.php
+++ b/includes/session.php
@@ -138,20 +138,47 @@ if (!function_exists('password_hash')) {
if (crypt("password", $hash) === $hash) {
require WT_ROOT.'library/ircmaxell/password-compat/lib/password.php';
} else {
- // For older/unpatched versions of PHP, use the default crypt behaviour.
- function password_hash($password) {
+ /**
+ * There is no secure password facility on this server.
+ * Simply implement something that won't crash...
+ *
+ * @param string $password
+ * @param integer $algo
+ *
+ * @return string
+ */
+ function password_hash($password, $algo) {
$salt = '$2a$12$';
$salt_chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
for ($i = 0; $i < 22; ++$i) {
$salt .= substr($salt_chars, mt_rand(0, 63), 1);
}
+
return crypt($password, $salt);
}
- function password_needs_rehash() {
+ /**
+ * There is no secure password facility on this server.
+ * Simply implement something that won't crash...
+ *
+ * @param string $hash
+ * @param integer $algo
+ *
+ * @return boolean
+ */
+ function password_needs_rehash($hash, $algo) {
return false;
}
+ /**
+ * There is no secure password facility on this server.
+ * Simply implement something that won't crash...
+ *
+ * @param string $password
+ * @param integer $hash
+ *
+ * @return string
+ */
function password_verify($password, $hash) {
return crypt($password, $hash) === $hash;
}