aboutsummaryrefslogtreecommitdiff
path: root/debug.xml
diff options
context:
space:
mode:
authorDemian <demianalonso@gmail.com>2015-06-11 10:20:37 -0300
committerDemian <dalonso@ecotaxi.com>2015-06-16 18:42:13 -0300
commit80f766554a3dd117b2958fd8c55b8fab2b73f9f9 (patch)
treee2eb21db6c5c941201dead8e0f1db91c2d62fe84 /debug.xml
parent8ff799f9d16715259131cd535f7f918823f161f9 (diff)
downloadtrackermap-server-80f766554a3dd117b2958fd8c55b8fab2b73f9f9.tar.gz
trackermap-server-80f766554a3dd117b2958fd8c55b8fab2b73f9f9.tar.bz2
trackermap-server-80f766554a3dd117b2958fd8c55b8fab2b73f9f9.zip
Implemented password hashing using a salt, following this code&guidelines: https://crackstation.net/hashing-security.htm
Diffstat (limited to 'debug.xml')
-rw-r--r--debug.xml8
1 files changed, 4 insertions, 4 deletions
diff --git a/debug.xml b/debug.xml
index 799f6aa92..84587f293 100644
--- a/debug.xml
+++ b/debug.xml
@@ -133,7 +133,7 @@
<entry key='database.loginUser'>
SELECT *
FROM user
- WHERE email = :email AND password = :password;
+ WHERE email = :email;
</entry>
<entry key='database.selectUsersAll'>
@@ -141,8 +141,8 @@
</entry>
<entry key='database.insertUser'>
- INSERT INTO user (name, email, password, admin)
- VALUES (:name, :email, :password, :admin);
+ INSERT INTO user (name, email, password, salt, admin)
+ VALUES (:name, :email, :password, :salt, :admin);
</entry>
<entry key='database.updateUser'>
@@ -154,7 +154,7 @@
</entry>
<entry key='database.updateUserPassword'>
- UPDATE user SET password = :password WHERE id = :id;
+ UPDATE user SET password = :password, salt = :salt WHERE id = :id;
</entry>
<entry key='database.deleteUser'>
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-08 02:11:22 +0000