deblan-mirror/tinyfilemanager
deblan-mirror/tinyfilemanager
1
0
Fork 0
mirror of https://github.com/prasathmani/tinyfilemanager synced 2024-04-28 12:02:48 +02:00
Code Issues Projects Releases Wiki Activity

Fix : Added Password_hash() #31

Browse source
This commit is contained in:
Prasath Mani 2018-10-16 13:53:16 +05:30
parent 484faad1d1
commit 2331ce3d0f
2 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -5,7 +5,7 @@ It is a simple, fast and small file manager with single php file. It is also a w
## Requirements
- PHP 5.2 or higher.
- PHP 5.5.0 or higher.
- [Zip extension](http://php.net/manual/en/book.zip.php) for zip and unzip actions.
- Fileinfo, iconv and mbstring extensions are strongly recommended.

6
tinyfilemanager.php
View file

@ -14,8 +14,8 @@ $use_auth = true;
// Users: array('Username' => 'Password', 'Username2' => 'Password2', ...)
$auth_users = array(
'admin' => 'admin',
'user' => '12345',
'admin' => password_hash('admin', PASSWORD_DEFAULT),
'user' => password_hash('12345', PASSWORD_DEFAULT)
);
// Readonly users (usernames array)
@ -124,7 +124,7 @@ if ($use_auth) {
} elseif (isset($_POST['fm_usr'], $_POST['fm_pwd'])) {
// Logging In
sleep(1);
if (isset($auth_users[$_POST['fm_usr']]) && $_POST['fm_pwd'] === $auth_users[$_POST['fm_usr']]) {
if (isset($auth_users[$_POST['fm_usr']]) && password_verify($_POST['fm_pwd'], $auth_users[$_POST['fm_usr']])) {
$_SESSION['logged'] = $_POST['fm_usr'];
fm_set_msg('You are logged in');
fm_redirect(FM_SELF_URL . '?p=');