- //* DEBUG: */ echo "*".$data['password']."/".md5($password)."/".$ret."<br />";
- if ((isset($data['password'])) && (strlen($data['password']) == 32) && ($data['password'] == md5($password))) {
- // Generate new hash
- $data['password'] = generateHash($password);
-
- // Is the sql_patches not installed, than we cannot have a valid hashed password here!
- if (($ret == "pass") && ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == ""))) $ret = "done";
- } elseif ((EXT_VERSION_IS_OLDER("sql_patches", "0.3.6")) || (GET_EXT_VERSION("sql_patches") == "")) {
- // Old hashing way
- return $ret;
- } elseif (!isset($data['password'])) {
- // Password not found, so no valid login!
- return $ret;
- }
-
- // Generate salt of password
- define('__SALT', substr($data['password'], 0, -40));
- $salt = __SALT;
-
- // Check if password is same
- //* DEBUG: */ echo "*".$ret.",".$data['password'].",".$password.",".$salt."*<br >\n";
- if (($ret == "pass") && ($data['password'] == generateHash($password, $salt)) && ((!empty($salt))) || ($data['password'] == $password)) {
- // Re-hash the plain passord with new random salt
- $data['password'] = generateHash($password);
-
- // Do we have 0.7.0 of admins or later?
- // Remmeber login failtures if available
- if (GET_EXT_VERSION("admins") >= "0.7.0") {
- // Store it in session
- set_session('mxchange_admin_failtures', $data['login_failtures']);
- set_session('mxchange_admin_last_fail', $data['last_failture']);
-
- // Update password and reset login failtures
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_admins SET password='%s',login_failtures=0,last_failture='0000-00-00 00:00:00' WHERE id=%s LIMIT 1",
- array($data['password'], $aid), __FILE__, __LINE__);