diff --git a/php/modules/Album.php b/php/modules/Album.php index cc100a4..ac358c8 100644 --- a/php/modules/Album.php +++ b/php/modules/Album.php @@ -442,15 +442,19 @@ class Album extends Module { # Call plugins $this->plugins(__METHOD__, 0, func_get_args()); - if (isset($password)&&strlen($password)>0) { - # get hashed password + if (strlen($password)>0) { + + # Get hashed password $password = get_hashed_password($password); - # set hashed password + # Set hashed password $result = $this->database->query("UPDATE lychee_albums SET password = '$password' WHERE id IN ('$this->albumIDs');"); + } else { - # unset password + + # Unset password $result = $this->database->query("UPDATE lychee_albums SET password = NULL WHERE id IN ('$this->albumIDs');"); + } # Call plugins diff --git a/php/modules/misc.php b/php/modules/misc.php index 9a19208..b5aca4d 100755 --- a/php/modules/misc.php +++ b/php/modules/misc.php @@ -82,9 +82,9 @@ function search($database, $settings, $term) { function get_hashed_password($password) { - # inspired by -> http://alias.io/2010/01/store-passwords-safely-with-php-and-mysql/ + # Inspired by http://alias.io/2010/01/store-passwords-safely-with-php-and-mysql/ - # A higher "cost" is more secure but consumes more processing power + # A higher $cost is more secure but consumes more processing power $cost = 10; # Create a random salt @@ -96,6 +96,7 @@ function get_hashed_password($password) { # Hash the password with the salt return crypt($password, $salt); + } ?>