lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-03 14:10:57 +08:00
Code Issues Packages Projects Releases Wiki Activity

Challenge-Response Authentication

Browse Source
This commit is contained in:
xiaomlove
2025-04-05 15:38:40 +07:00
parent bd9b4d7e1d
commit 97dc956c20
28 changed files with 538 additions and 329 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
public/recover.php
View File

@@ -85,7 +85,9 @@ elseif($_SERVER["REQUEST_METHOD"] == "GET" && $take_recover && isset($_GET["id"]
$sec = mksecret();
$newpasshash = md5($sec . $newpassword . $sec);
// $newpasshash = md5($sec . $newpassword . $sec);
$newpasshash = hash('sha256', $newpassword);
$newpasshash = hash('sha256', $sec.$newpasshash);
sql_query("UPDATE users SET secret=" . sqlesc($sec) . ", editsecret='', passhash=" . sqlesc($newpasshash) . " WHERE id=" . sqlesc($id)." AND editsecret=" . sqlesc($arr["editsecret"])) or sqlerr(__FILE__, __LINE__);