switch password and id in munge_password

I think this is the less effective way to salt a password, BUT...
I had a big bug in my code! All the code that was calling this
function got the order of the params mixed up. So, to save heartache,
I just reversed the order of the parameters, and reversed how the were
used in the function. It should be functionally the same as before,
but better documented.

darcs-hash:20080618211454-84dde-4772135cc92f2a51faa072e4470da3c628e1510c.gz
This commit is contained in:
Evan Prodromou 2008-06-18 17:14:54 -04:00
parent e47ba46634
commit 1d67f33b3b

View File

@ -366,8 +366,8 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) {
# salted, hashed passwords are stored in the DB
function common_munge_password($id, $password) {
return md5($id . $password);
function common_munge_password($password, $id) {
return md5($password . $id);
}
# check if a username exists and has matching password