]> git.p6c8.net - jirafeau/jirafeau.git/blobdiff - f.php
Here we actually NEED MD5. This one affects only legacy files encrypted using mcrypt.
[jirafeau/jirafeau.git] / f.php
diff --git a/f.php b/f.php
index 269b10be94725f3395ec739c2e0a614767dbab80..f0a3d12d5b5b2347c6af3473ccebb43560a7954f 100644 (file)
--- a/f.php
+++ b/f.php
@@ -171,7 +171,7 @@ if (!empty($link['key'])) {
         require(JIRAFEAU_ROOT.'lib/template/footer.php');
         exit;
     } else {
-        if (hash_equals($link['key'], md5($_POST['key']))) {
+        if (hash_equals($link['key'], hash('sha256', $_POST['key']))) {
             $password_challenged = true;
         } else {
             sleep(2);

patrick-canterino.de