adric | This was not the joke I found.

Current Mood: appalled
Current Location: Phretta

Entry tags:

This was not the joke I found.

from Moodle lib/libmoodle.php
} else { for ($i=1; $i<=20; $i++) { //20 alternative salts should be enough, right? $alt = 'passwordsaltalt'.$i; if (!empty($CFG->$alt)) { if ($user->password == md5($password.$CFG->$alt) or $user->password == md5($convpassword.$CFG->$alt)) { $validated = true; break; } } } }

Somehow WordPress not using salts at all now seems somehow slightly better.

Flat | Top-Level Comments Only