mirror of
https://github.com/lrsjng/h5ai.git
synced 2024-09-20 04:38:51 -04:00
Change hash algo to sha512.
This commit is contained in:
parent
1975715dbd
commit
90d337a51f
3 changed files with 5 additions and 5 deletions
|
@ -1,8 +1,8 @@
|
|||
<?php
|
||||
|
||||
/*********************************************************************
|
||||
SHA1 hash of the info page password, the preset password is the
|
||||
SHA512 hash of the info page password, the preset password is the
|
||||
empty string. You might change it to keep this information private.
|
||||
Online hash generator: http://www.sha1.cz/
|
||||
Online hash generator: http://md5hashing.net/hashing/sha512
|
||||
*********************************************************************/
|
||||
define("PASSHASH", "da39a3ee5e6b4b0d3255bfef95601890afd80709");
|
||||
define("PASSHASH", "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e");
|
||||
|
|
|
@ -25,7 +25,7 @@ class Api {
|
|||
private function on_login() {
|
||||
|
||||
$pass = Util::get_request_param("pass");
|
||||
$_SESSION[AS_ADMIN_SESSION_KEY] = sha1($pass) === PASSHASH;
|
||||
$_SESSION[AS_ADMIN_SESSION_KEY] = strcasecmp(hash("sha512", $pass), PASSHASH) === 0;
|
||||
Util::json_exit(["asAdmin" => $_SESSION[AS_ADMIN_SESSION_KEY]]);
|
||||
}
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ class Bootstrap {
|
|||
session_start();
|
||||
define("AS_ADMIN_SESSION_KEY", "__H5AI_AS_ADMIN__");
|
||||
define("AS_ADMIN", isset($_SESSION[AS_ADMIN_SESSION_KEY]) && $_SESSION[AS_ADMIN_SESSION_KEY] === true);
|
||||
define("HAS_CUSTOM_PASSHASH", PASSHASH !== "da39a3ee5e6b4b0d3255bfef95601890afd80709");
|
||||
define("HAS_CUSTOM_PASSHASH", strcasecmp(PASSHASH, "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e") !== 0);
|
||||
}
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue