OK, I don't know if I'm right, but it seems there's a bug. I made a step by step execution with a PHP debugger and cannot find another explanation.
Authentication with SHA1 ciphered passwords in the database work with the following code inTwo modifications:
Authentication with SHA1 ciphered passwords in the database work with the following code in
sha1.php:Code:
public function check($password, $hash, $user_row = array()){return (strlen($hash) == 46) ? $this->helper->string_compare($hash, '$sha1$' . sha1($password)) : false;}strlencomparison should be made toward a 46 characters$hashand not a 40 one, due to the$sha1$prefix,string_comparecomparison should be preceded by the concatenation of the$sha1$prefix to the shaonized password.
$sha1$ prefix), my migration is transparent. Users can connect with their current password and its ciphering is changed in the database on the go to bcrypt, the default one, by phpBB.Statistics: Posted by Doc Davluz — Sat Mar 09, 2024 2:45 pm