YunoHost-Apps/emailpoubelle_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/emailpoubelle_ynh.git synced 2024-09-03 18:26:29 +02:00
Code Issues Activity Actions

#8 Pépite du mot de passe admin

Browse source
This commit is contained in:
David 2018-11-10 17:08:44 +01:00
parent 1b25026ed2
commit 9c98831344
2 changed files with 2 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
conf-dist.php
View file

@ -88,12 +88,8 @@ define('MAINTENANCE_MODE', false);
define('MAINTENANCE_IP', '10.0.0.1');
// Usage de password-hash https://php.net/manual/fr/function.password-hash.php
// Vous pouvez crtyper le mot de passe en ligne avec les outils :
// http://www.passwordtool.hu/php5-password-hash-generator
// https://php-password-hash-online-tool.herokuapp.com/password_hash (PASSWORD_DEFAULT, no auto-generated, no cost 10)
// Mot de passe par défaut "admin" :
define('ADMIN_PASSWORD', '$2y$10$BncfiLy8VEYtkLVIlL5Ar.TVPY9Q3KbllJrdHNuSU5WCRnKafWM5K');
define('ADMIN_PASSWORD', 'admin');
?>

2
emailPoubelleAdmin.php
View file

@ -17,7 +17,7 @@ if (isset($_POST['adminPassword'])) {
$_SESSION['adminPasswordHash'] = password_hash($_POST['adminPassword'], PASSWORD_DEFAULT);
}
if (isset($_SESSION['adminPasswordHash'])) {
if (password_verify('admin', $_SESSION['adminPasswordHash'])) {
if (password_verify(ADMIN_PASSWORD, $_SESSION['adminPasswordHash'])) {
$auth=true;
} else {
$auth=false;