require(JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
} else {
- if (hash_equals($link['key'], md5($_POST['key']))) {
+ if (hash_equals($link['key'], hash('sha256',$_POST['key']))) {
$password_challenged = true;
} else {
sleep(2);
/* hash password or empty. */
$password = '';
if (!empty($key)) {
- $password = md5($key);
+ $password = hash('sha256',$key);
}
/* create link file */
$w_path = $p . $ref . '_data';
touch($w_path);
- /* md5 password or empty */
+ /* sha256 password or empty */
$password = '';
if (!empty($key)) {
- $password = md5($key);
+ $password = hash('sha256',$key);
}
/* Store information. */
$m = mcrypt_module_open('rijndael-256', '', 'ofb', '');
/* Extract key and iv. */
$crypt_key = $k;
- $hash_key = md5($crypt_key);
+ $hash_key = hash('sha256',$crypt_key);
$iv = jirafeau_crypt_create_iv($hash_key, mcrypt_enc_get_iv_size($m));
/* Init module. */
mcrypt_generic_init($m, $hash_key, $iv);
function jirafeau_admin_session_start()
{
$_SESSION['admin_auth'] = true;
- $_SESSION['admin_csrf'] = md5(uniqid(mt_rand(), true));
+ $_SESSION['admin_csrf'] = hash('sha256',uniqid(mt_rand(), true));
}
function jirafeau_session_end()