summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorEvan Prodromou <evan@prodromou.name>2008-06-18 17:14:54 -0400
committerEvan Prodromou <evan@prodromou.name>2008-06-18 17:14:54 -0400
commit1d67f33b3b62cc28d0a9845fb22776ce33adfdaa (patch)
tree6bb47faf7014c826d5d538d34b714b40bb54f4b0 /lib
parente47ba466347f2fc0126226595d883938d9fee61c (diff)
switch password and id in munge_password
I think this is the less effective way to salt a password, BUT... I had a big bug in my code! All the code that was calling this function got the order of the params mixed up. So, to save heartache, I just reversed the order of the parameters, and reversed how the were used in the function. It should be functionally the same as before, but better documented. darcs-hash:20080618211454-84dde-4772135cc92f2a51faa072e4470da3c628e1510c.gz
Diffstat (limited to 'lib')
-rw-r--r--lib/util.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/util.php b/lib/util.php
index f34a10c5b..eb019ac7e 100644
--- a/lib/util.php
+++ b/lib/util.php
@@ -366,8 +366,8 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) {
# salted, hashed passwords are stored in the DB
-function common_munge_password($id, $password) {
- return md5($id . $password);
+function common_munge_password($password, $id) {
+ return md5($password . $id);
}
# check if a username exists and has matching password