From 1d67f33b3b62cc28d0a9845fb22776ce33adfdaa Mon Sep 17 00:00:00 2001 From: Evan Prodromou Date: Wed, 18 Jun 2008 17:14:54 -0400 Subject: [PATCH] switch password and id in munge_password I think this is the less effective way to salt a password, BUT... I had a big bug in my code! All the code that was calling this function got the order of the params mixed up. So, to save heartache, I just reversed the order of the parameters, and reversed how the were used in the function. It should be functionally the same as before, but better documented. darcs-hash:20080618211454-84dde-4772135cc92f2a51faa072e4470da3c628e1510c.gz --- lib/util.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/util.php b/lib/util.php index f34a10c5b2..eb019ac7ee 100644 --- a/lib/util.php +++ b/lib/util.php @@ -366,8 +366,8 @@ function common_textarea($id, $label, $content=NULL, $instructions=NULL) { # salted, hashed passwords are stored in the DB -function common_munge_password($id, $password) { - return md5($id . $password); +function common_munge_password($password, $id) { + return md5($password . $id); } # check if a username exists and has matching password