diff options
| author | Evan Prodromou <evan@prodromou.name> | 2008-06-18 17:14:54 -0400 |
|---|---|---|
| committer | Evan Prodromou <evan@prodromou.name> | 2008-06-18 17:14:54 -0400 |
| commit | 1d67f33b3b62cc28d0a9845fb22776ce33adfdaa (patch) | |
| tree | 6bb47faf7014c826d5d538d34b714b40bb54f4b0 /lib | |
| parent | e47ba466347f2fc0126226595d883938d9fee61c (diff) | |
switch password and id in munge_password
I think this is the less effective way to salt a password, BUT...
I had a big bug in my code! All the code that was calling this
function got the order of the params mixed up. So, to save heartache,
I just reversed the order of the parameters, and reversed how the were
used in the function. It should be functionally the same as before,
but better documented.
darcs-hash:20080618211454-84dde-4772135cc92f2a51faa072e4470da3c628e1510c.gz
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/util.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/util.php b/lib/util.php index f34a10c5b..eb019ac7e 100644 --- a/lib/util.php +++ b/lib/util.php @@ -366,8 +366,8 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) { # salted, hashed passwords are stored in the DB -function common_munge_password($id, $password) { - return md5($id . $password); +function common_munge_password($password, $id) { + return md5($password . $id); } # check if a username exists and has matching password |