switch password and id in munge_password

I think this is the less effective way to salt a password, BUT...
I had a big bug in my code! All the code that was calling this
function got the order of the params mixed up. So, to save heartache,
I just reversed the order of the parameters, and reversed how the were
used in the function. It should be functionally the same as before,
but better documented.

darcs-hash:20080618211454-84dde-4772135cc92f2a51faa072e4470da3c628e1510c.gz

diff --git a/lib/util.php b/lib/util.php
index f34a10c5b259f3057263a7d3174509361ef20817..eb019ac7ee849f97d243295c0ce164f7da293773 100644 (file)
--- a/lib/util.php
+++ b/lib/util.php
@@ -366,8 +366,8 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) {
 
 # salted, hashed passwords are stored in the DB
 
-function common_munge_password($id, $password) {
-       return md5($id . $password);
+function common_munge_password($password, $id) {
+       return md5($password . $id);
 }
 
 # check if a username exists and has matching password