????
Your IP : 216.73.216.174
<?php
/*
$Id$
osCommerce, Open Source E-Commerce Solutions
http://www.oscommerce.com
Copyright (c) 2010 osCommerce
Released under the GNU General Public License
*/
////
// This function validates a plain text password with a
// salted or phpass password
function tep_validate_password($plain, $encrypted) {
if (tep_not_null($plain) && tep_not_null($encrypted)) {
if (tep_password_type($encrypted) == 'salt') {
return tep_validate_old_password($plain, $encrypted);
}
if (!class_exists('PasswordHash')) {
include(DIR_WS_CLASSES . 'passwordhash.php');
}
$hasher = new PasswordHash(10, true);
return $hasher->CheckPassword($plain, $encrypted);
}
return false;
}
////
// This function validates a plain text password with a
// salted password
function tep_validate_old_password($plain, $encrypted) {
if (tep_not_null($plain) && tep_not_null($encrypted)) {
// split apart the hash / salt
$stack = explode(':', $encrypted);
if (sizeof($stack) != 2) return false;
if (md5($stack[1] . $plain) == $stack[0]) {
return true;
}
}
return false;
}
////
// This function encrypts a phpass password from a plaintext
// password.
function tep_encrypt_password($plain) {
if (!class_exists('PasswordHash')) {
include(DIR_WS_CLASSES . 'passwordhash.php');
}
$hasher = new PasswordHash(10, true);
return $hasher->HashPassword($plain);
}
////
// This function encrypts a salted password from a plaintext
// password.
function tep_encrypt_old_password($plain) {
$password = '';
for ($i=0; $i<10; $i++) {
$password .= tep_rand();
}
$salt = substr(md5($password), 0, 2);
$password = md5($salt . $plain) . ':' . $salt;
return $password;
}
////
// This function returns the type of the encrpyted password
// (phpass or salt)
function tep_password_type($encrypted) {
if (preg_match('/^[A-Z0-9]{32}\:[A-Z0-9]{2}$/i', $encrypted) === 1) {
return 'salt';
}
return 'phpass';
}
?>