diff options
| author | Simon Rettberg | 2013-10-31 12:38:25 +0100 |
|---|---|---|
| committer | Simon Rettberg | 2013-10-31 12:38:25 +0100 |
| commit | a362ac12b119b49519f5af51b92ebb7d6e127b87 (patch) | |
| tree | a2334426c8af99f864e2dd90c2f275e3ed50083a /modules/adduser.inc.php | |
| parent | Remodel zeug mit settings und so (diff) | |
| download | slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.tar.gz slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.tar.xz slx-admin-a362ac12b119b49519f5af51b92ebb7d6e127b87.zip | |
Comments, minor refactoring, possiblity to validate configuration parameters
Diffstat (limited to 'modules/adduser.inc.php')
| -rw-r--r-- | modules/adduser.inc.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/modules/adduser.inc.php b/modules/adduser.inc.php index 3e49a78a..04b6044f 100644 --- a/modules/adduser.inc.php +++ b/modules/adduser.inc.php @@ -6,13 +6,14 @@ if (isset($_POST['action']) && $_POST['action'] === 'adduser') { // Check required fields if (empty($_POST['user']) || empty($_POST['pass1']) || empty($_POST['pass2']) || empty($_POST['fullname']) || empty($_POST['phone']) || empty($_POST['email'])) { Message::addError('empty-field'); + Util::redirect('?do=adduser'); } elseif ($_POST['pass1'] !== $_POST['pass2']) { Message::addError('password-mismatch'); + Util::redirect('?do=adduser'); } else { - $salt = substr(str_replace('+', '.', base64_encode(pack('N4', mt_rand(), mt_rand(), mt_rand(), mt_rand()))), 0, 22); $data = array( 'user' => $_POST['user'], - 'pass' => crypt($_POST['pass1'], '$6$' . $salt), + 'pass' => Crypto::hash6($_POST['pass1']), 'fullname' => $_POST['fullname'], 'phone' => $_POST['phone'], 'email' => $_POST['email'], |