high priority sql-injection security fix
[openemr.git] / interface / login / validateUser.php
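<?php
// VicarePlus :: Reports which hashing algorithm the stored password of a user appears to use,
// judged only by the length of the stored value. Called by a jQuery function in login.php
// during the initial login.
//
// Response body: "0" when the stored value is 32 characters long (md5),
//                "1" when it is 40 characters long (sha1),
//                empty in every other case (no row, other length, missing/invalid parameter).
//
// SECURITY NOTE(review): $ignoreAuth is set before globals.php is included, so this script is
// presumably reachable without a session - confirm in globals.php. The three possible responses
// differ per account, which lets any caller learn the hash scheme of a username and tell some
// existing usernames from unknown ones. Consider a uniform response, request throttling, and
// moving stored passwords to password_hash()/password_verify(); unsalted md5/sha1 are not
// suitable for password storage.

// Use new security method (these flags are read by globals.php - keep them above the include).
$fake_register_globals = false;
$sanitize_all_escapes = true;

$ignoreAuth = true;
include_once("../globals.php");
include_once("$srcdir/sql.inc");

// Untrusted input: the username arrives in the query string. It may be absent or an array
// (e.g. u[]=x); only a plain string is ever handed to the database layer.
$user = $_GET['u'] ?? null;

$passlength = 0;
if (is_string($user)) {
    // Bound parameter - the username is never concatenated into the SQL text.
    $authDB = sqlQuery("select length(password) as passlength from users where username = ?", array($user));

    // A non-array result is treated as "no matching user" and leaves $passlength at 0.
    if (is_array($authDB)) {
        $passlength = (int) $authDB['passlength'];
    }
}

//VicarePlus :: If the length of the password is 32, 'md5' hashing algorithm is used.
if ($passlength === 32) {
    echo "0";
}
//VicarePlus :: If the length of the password is 40, 'sha1' hashing algorithm is used.
elseif ($passlength === 40) {
    echo "1";
}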