ejnnr
commented
9 years ago Note: For password hashing 'password_hash' and 'password_verify' are used now. So don't be confused by the initial comment.
Closed ejnnr closed 9 years ago
ejnnr
commented
9 years ago Note: For password hashing 'password_hash' and 'password_verify' are used now. So don't be confused by the initial comment.
In include/user_management.php there should be a function called createUser or something like that which creates a new user. It should accept the arguments $username, $password (in clear text) and as an optional argument $email. The salt should be generated randomly inside the function. The password field inside the database should be set with "hash('sha512', $password . $salt)" (where $password is the password in clear text).