WordPress.org

Make WordPress Core

Changeset 6350 for trunk/wp-login.php


Ignore:
Timestamp:
12/02/2007 05:14:11 AM (11 years ago)
Author:
ryan
Message:

Hash passwords with phpass. Add wp_check_pasword() and wp_hash_password() functions. Props pishmishy. see #2394

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-login.php

    r6345 r6350  
    185185    // Generate something random for a password... md5'ing current time with a rand salt
    186186    $new_pass = substr( md5( uniqid( microtime() ) ), 0, 7);
    187     $wpdb->query("UPDATE $wpdb->users SET user_pass = MD5('$new_pass'), user_activation_key = '' WHERE user_login = '$user->user_login'");
     187    $new_hash = wp_hash_password($new_pass);
     188    $wpdb->query("UPDATE $wpdb->users SET user_pass = '$new_hash', user_activation_key = '' WHERE ID = '$user->ID'");
    188189    wp_cache_delete($user->ID, 'users');
    189     wp_cache_delete($user->user_login, 'userlogins');
    190190    $message  = sprintf(__('Username: %s'), $user->user_login) . "\r\n";
    191191    $message .= sprintf(__('Password: %s'), $new_pass) . "\r\n";
Note: See TracChangeset for help on using the changeset viewer.