From 80f766554a3dd117b2958fd8c55b8fab2b73f9f9 Mon Sep 17 00:00:00 2001
From: Demian <demianalonso@gmail.com>
Date: Thu, 11 Jun 2015 10:20:37 -0300
Subject: Implemented password hashing using a salt, following this
 code&guidelines: https://crackstation.net/hashing-security.htm

---
 debug.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'debug.xml')

diff --git a/debug.xml b/debug.xml
index 799f6aa92..84587f293 100644
--- a/debug.xml
+++ b/debug.xml
@@ -133,7 +133,7 @@
     <entry key='database.loginUser'>
         SELECT * 
         FROM user 
-        WHERE email = :email AND password = :password;
+        WHERE email = :email;
     </entry>
 
     <entry key='database.selectUsersAll'>
@@ -141,8 +141,8 @@
     </entry>
 
     <entry key='database.insertUser'>
-        INSERT INTO user (name, email, password, admin) 
-        VALUES (:name, :email, :password, :admin);
+        INSERT INTO user (name, email, password, salt, admin) 
+        VALUES (:name, :email, :password, :salt, :admin);
     </entry>
         
     <entry key='database.updateUser'>
@@ -154,7 +154,7 @@
     </entry>
 
     <entry key='database.updateUserPassword'>
-        UPDATE user SET password = :password WHERE id = :id;
+        UPDATE user SET password = :password, salt = :salt WHERE id = :id;
     </entry>
     
     <entry key='database.deleteUser'>
-- 
cgit v1.2.3