View Single Post
  #5  
Old 4th May 2010, 00:24
centosarus centosarus is offline
Member
 
Join Date: Apr 2009
Posts: 46
Thanks: 9
Thanked 4 Times in 3 Posts
Default

Unless I am mistaken, it appears that the salt is not static based on what I am seeing here in file /usr/local/ispconfig/interface/lib/classes/tform.inc.php:

Code:
if(isset($field['encryption']) && $field['encryption'] == 'CRYPT') {
                 $salt="$1$";
                 $base64_alphabet='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';

                 for ($n=0;$n<8;$n++) {

                  //$salt.=chr(mt_rand(64,126));

                 $salt.=$base64_alphabet[mt_rand(0,63)];

                 }
          $salt.="$";

             $record[$key] = crypt($record[$key],$salt);

             $sql_insert_val .= "'".$app->db->quote($record[$key])."', ";

} elseif { ........ }
How does Squirrelmail handle login? How is the password checked? If you could point me in that direction, I'd be able to get that plugin to work. I think or hope.

Thanks
Reply With Quote