Netsyms/Mods-for-HESK-Netsyms
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

#255 Update code to 2.6.4

Browse Source
This commit is contained in:
Mike Koch 2015-06-23 23:30:49 -04:00
parent 139853e0d4
commit e84c27fa16
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/admin_functions.inc.php
View File

@ -380,7 +380,7 @@ function hesk_activeSessionValidate($username, $password_hash, $tag)
list($salt, $hash) = explode('|', $tag, 2); list($salt, $hash) = explode('|', $tag, 2);
// Make sure the hash matches existing username and password // Make sure the hash matches existing username and password
if ($hash == sha1($salt . $username . $password_hash) ) if ($hash == sha1($salt . strtolower($username) . $password_hash) )
{ {
return true; return true;
} }
@ -392,7 +392,7 @@ function hesk_activeSessionValidate($username, $password_hash, $tag)
function hesk_activeSessionCreateTag($username, $password_hash) function hesk_activeSessionCreateTag($username, $password_hash)
{ {
$salt = uniqid(mt_rand(), true); $salt = uniqid(mt_rand(), true);
return $salt . '|' . sha1($salt . $username . $password_hash); return $salt . '|' . sha1($salt . strtolower($username) . $password_hash);
} // END hesk_activeSessionCreateTag() } // END hesk_activeSessionCreateTag()