moodle/moodle
3
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-08-04 16:36:37 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

MDL-23474 user password hashing - removed unnecessary user record update, improved docs and fixed the content of password field in user record after update

Browse source
This commit is contained in:
Petr Skoda 2010-07-22 07:43:18 +00:00
parent 0bf8c17431
commit 003ffc8565
1 changed files with 6 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
lib/moodlelib.php
View file

@ -3749,11 +3749,9 @@ function hash_internal_user_password($password) {
/** /**
* Update password hash in user object. * Update password hash in user object.
* *
* @global object
* @global object
* @param object $user * @param object $user
* @param string $password plain text password * @param string $password plain text password
* @return bool true if hash changed * @return bool always returns true
*/ */
function update_internal_user_password(&$user, $password) { function update_internal_user_password(&$user, $password) {
global $CFG, $DB; global $CFG, $DB;
@ -3765,7 +3763,11 @@ function update_internal_user_password(&$user, $password) {
$hashedpassword = hash_internal_user_password($password); $hashedpassword = hash_internal_user_password($password);
} }
if ($user->password !== $hashedpassword) {
$DB->set_field('user', 'password', $hashedpassword, array('id'=>$user->id)); $DB->set_field('user', 'password', $hashedpassword, array('id'=>$user->id));
$user->password = $hashedpassword;
}
return true; return true;
} }