From 6dd383938555675095f92e14636fc1e3b18d84bd Mon Sep 17 00:00:00 2001 From: Steve Date: Tue, 27 Oct 2015 22:44:05 +0100 Subject: [PATCH 1/4] add gitignore for development comodity --- .gitignore | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index 4dff4e4..7a2e453 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,16 @@ # Created by .gitignore support plugin (hsz.mobi) -.idea/ \ No newline at end of file +.idea/ + +* +!./application/config/aauth.php +!./application/controllers/example.php +!./application/helpers/googleauthenticator_helper.php +!./application/helpers/recaptchalib_helper.php +!./application/language/english/aauth_lang.php +!./application/language/french/aauth_lang.php +!./application/language/spanish/aauth_lang.php +!./application/libraries/Aauth.php +!./LICENSE +!./README.md +!./sql/Aauth_v2.sql +!./sql/readme.txt From c84fde559118caa520db9528c6eb0f902f10fd6d Mon Sep 17 00:00:00 2001 From: Steve Date: Wed, 28 Oct 2015 00:06:52 +0100 Subject: [PATCH 2/4] Add hash in configuration --- application/config/aauth.php | 4 +++- application/libraries/Aauth.php | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/application/config/aauth.php b/application/config/aauth.php index 053324c..7bd0f04 100644 --- a/application/config/aauth.php +++ b/application/config/aauth.php @@ -115,7 +115,9 @@ $config_aauth["default"] = array( 'verification' => false, 'verification_link' => '/account/verification/', - 'reset_password_link' => '/account/reset_password/' + 'reset_password_link' => '/account/reset_password/', + + 'hash' => 'sha256' ); $config['aauth'] = $config_aauth['default']; diff --git a/application/libraries/Aauth.php b/application/libraries/Aauth.php index 016dd3d..38d0dc3 100644 --- a/application/libraries/Aauth.php +++ b/application/libraries/Aauth.php @@ -1145,7 +1145,7 @@ class Aauth { function hash_password($pass, $userid) { $salt = md5($userid); - return hash('sha256', $salt.$pass); + return hash($this->config_vars['hash'], $salt.$pass); } ######################## From c276164c5b6a5303632716d25130be0e3c912278 Mon Sep 17 00:00:00 2001 From: Steve Date: Wed, 28 Oct 2015 00:10:38 +0100 Subject: [PATCH 3/4] Add explaination an recommendations --- application/config/aauth.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/application/config/aauth.php b/application/config/aauth.php index 7bd0f04..ef1cb27 100644 --- a/application/config/aauth.php +++ b/application/config/aauth.php @@ -64,6 +64,9 @@ defined('BASEPATH') OR exit('No direct script access allowed'); | ['verification_link'] Link for verification without site_url or base_url | ['reset_password_link'] Link for reset_password without site_url or base_url | +| ['hash'] Name of selected hashing algorithm (e.g. "md5", "sha256", "haval160,4", etc..) +| Please, run hash_algos() for know your all supported algorithms +| */ $config_aauth = array(); From 825f53576f051add512a05ec404bdb6f5f18fba6 Mon Sep 17 00:00:00 2001 From: Steve Date: Wed, 28 Oct 2015 00:22:59 +0100 Subject: [PATCH 4/4] reform old gitignore --- .gitignore | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/.gitignore b/.gitignore index 7a2e453..4e79763 100644 --- a/.gitignore +++ b/.gitignore @@ -1,16 +1,2 @@ # Created by .gitignore support plugin (hsz.mobi) .idea/ - -* -!./application/config/aauth.php -!./application/controllers/example.php -!./application/helpers/googleauthenticator_helper.php -!./application/helpers/recaptchalib_helper.php -!./application/language/english/aauth_lang.php -!./application/language/french/aauth_lang.php -!./application/language/spanish/aauth_lang.php -!./application/libraries/Aauth.php -!./LICENSE -!./README.md -!./sql/Aauth_v2.sql -!./sql/readme.txt