// Generate a hash for extra-security for all passwords
function generateHash ($plainText, $salt = '', $hash = true) {
// Debug output
- //* DEBUG: */ debugOutput('plainText=' . $plainText . ',salt=' . $salt . ',hash='.intval($hash));
+ //* DEBUG: */ debugOutput('plainText('.strlen($plainText).')=' . $plainText . ',salt('.strlen($salt).')=' . $salt . ',hash=' . intval($hash));
// Is the required extension 'sql_patches' there and a salt is not given?
- // 0123 4 43 3 4 432 2 3 32 2 3 3210
- if ((((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) && (empty($salt))) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5')))) {
+ // 123 4 43 3 4 432 2 3 32 2 3 32 2 3 3 21
+ if (((isExtensionInstalledAndOlder('sql_patches', '0.3.6')) && (empty($salt))) || (!isExtensionActive('sql_patches')) || (!isExtensionInstalledAndNewer('other', '0.2.5')) || (strlen($salt) == 32)) {
// Extension sql_patches is missing/outdated so we hash the plain text with MD5
if ($hash === true) {
// Is plain password
$finalHash = $salt . sha1($salt . $plainText);
// Debug output
- //* DEBUG: */ debugOutput('finalHash=' . $finalHash);
+ //* DEBUG: */ debugOutput('finalHash('.strlen($finalHash).')=' . $finalHash);
// Return hash
return $finalHash;