From dd15bf25ca6f7169a4a1796613513ab6fd9c6102 Mon Sep 17 00:00:00 2001
From: Kevin James 'purdyk' Purdy <purdyk@gmail.com>
Date: Mon, 3 Nov 2008 17:55:29 +0000
Subject: Creating new user now uses the new password hashing scheme

---
 lib/class/user.class.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'lib/class/user.class.php')

diff --git a/lib/class/user.class.php b/lib/class/user.class.php
index ebb29d00..29c9b05d 100644
--- a/lib/class/user.class.php
+++ b/lib/class/user.class.php
@@ -614,10 +614,11 @@ class User extends database_object {
 		$fullname	= Dba::escape($fullname);
 		$email		= Dba::escape($email);
 		$access		= Dba::escape($access);
-	
+		$password_hashed = hash('sha256', $password);
+
 		/* Now Insert this new user */
 		$sql = "INSERT INTO `user` (`username`, `fullname`, `email`, `password`, `access`, `create_date`) VALUES" .
-			" ('$username','$fullname','$email',PASSWORD('$password'),'$access','" . time() ."')";
+			" ('$username','$fullname','$email','$password_hashed','$access','" . time() ."')";
 		$db_results = Dba::write($sql);
 		
 		if (!$db_results) { return false; }
-- 
cgit