Junior Spellweaver
- Joined
- Sep 12, 2013
- Messages
- 147
- Reaction score
- 67
final public function hashed($password)
{
return md5($password);
}
final public function hashed($password)
{
return password_hash($password, PASSWORD_BCRYPT);
}
final public function userValidation($username, $password) { global $engine; if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . $password . "' LIMIT 1") > 0) { return true; } return false; }
final public function userValidation($username, $password) { global $engine; if($engine->num_rows("SELECT * FROM users WHERE username = '" . $username . "' AND password = '" . $password . "' LIMIT 1") > 0) return password_verify($password); }
function auth_login(){
if($hashfromdb == hashed($_POST['passu'])){
return true;
}else{
return false;
}
function auth_login(){
if(password_verify($_POST['passu'], $hashfromdb)){
return true;
}else{
return false;
}
Thanks for reminding me lol.I think you should also include the code for logging in, i'm pretty sure that if u only use this you just make your site unable to be logged in
atm it looks something like this:
Wont work because every time you do password_hash($x) it returns a different hash. You should be using password_verify() instead.Code:function auth_login(){ if($hashfromdb == hashed($_POST['passu'])){ return true; }else{ return false; }
Code:function auth_login(){ if(password_verify($_POST['passu'], $hashfromdb)){ return true; }else{ return false; }
Indeed. This is very outdated code, although from the releases it's still the easiest to use.@Jonteh has a good point, or tho this is a decent upgrade users should be moving away from Rev, Yes it was a good CMS but has now become outdated.
Chocolatey uses framework and it actually crashed my hotel several times.
Indeed. This is very outdated code, although from the releases it's still the easiest to use.
From my point of view I see 4 usable CMS's: Chocolatey, RevCMS, BainCMS. Chocolatey uses framework and it actually crashed my hotel several times. BrainCMS I have never used, so can't really say anything about it. I don't personally like RevCMS, I believe it's just easier to use for people.
This guy sounds to me like he had an issue so instead of figuring out what actually caused the problem he's just blaming the first thing that comes to mind.I don't quite understand how a CMS could crash your Hotel? I understand he's butchered the Lumen Framework but even so, your hotels configuration must be terrible.
I don't quite understand how a CMS could crash your Hotel?
I don't quite understand how a CMS could crash your Hotel?
Never underestimate the true power of PhP.
That might be the main reason lord @maritnmine made a CMS in ASP in the past.
^^ Was using an old version of Chocolatey, probably had some backdoors or still does. I have nothing against Choco, great project and appreciate the effort saamus , overall amazing CMS. Just bad experiences. Like Aamiainen stated below, our community is sh*t. If there is a way to attack, it happens.Never underestimate the true power of PhP.
Knowing the userbase on thefts hotels i'd say it's most likely possible that someone has exploited the cms to crash the emu. But idk if thats even possible, never used chocolatey myself.