Comments (5)
and in the ini file the password is stored in md5 for example.
@BlackCodec you should realize if the password write manually so it would be very hard to generate md5 password without using any tools 😃
I would be very pleased if you could join to enhance the HTMLy security.
from htmly.
I found a solution for everybody that want an encryption and who dont want them.
I added encryption in the ini file, encryption accept null value and clear for no encryption, else everyone can explain its encryption in the standard, the function i have used is php hash so the algoritms are the standard included with the function documentation.
I modified the admin.php at line 19 adding this 2 line:
$user_enc = user('encryption', $user);
$password = (strlen($user_enc) > 0 && $user_enc !== 'clear')?hash($user_enc,$pass):$pass;
then change 2 row after the:
if($pass === $user_pass) {
with:
if($password === $user_pass) {
and it work with encryption or without.
If encryption params is not inserted or specified its consider clear text like the original so there is no problem for who have this alredy installed.
from htmly.
Can you provide me a patch or pull request?
from htmly.
@danpros
Sorry i'm new on github and dont know very well its function, i have done a pull request (#51).
In the pull there are two implementation:
- Security like described in precedent post
- Support for drafts.
from htmly.
Submitted patch and added to master.
from htmly.
Related Issues (20)
- 404 not found when submitting installation form HOT 2
- Parse error: syntax error, unexpected '?' while installing htmly 2.8.3 on PHP < 7.0 HOT 5
- [v2.8.4] List of posts shows wrong character encoding HOT 4
- Text "Tag" in "Add content" and "Edit" page is not translatable HOT 2
- PHP-INTL date format HOT 3
- Unsorted categories list in admin views HOT 3
- An idea: Is it possible to labelize all the fields? HOT 2
- Comment Slug HOT 13
- Just installed, nice app but... HOT 16
- Add Content To Sidebar HOT 5
- Some issues after the new installation HOT 12
- What need to be done to display rtl language (such as Arabic or Hebrew) HOT 1
- RSS import failed HOT 3
- How to customize <title></title> HOT 12
- php-Warning in admin/updates HOT 2
- Can't edit or delete posts HOT 8
- Deprecated: rtrim(): Passing null to parameter #1 ($string) of type string HOT 3
- Known issue: Does not support underscore character in username HOT 1
- Version 2.9.0 - i18n error HOT 11
- Looking to override some css HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from htmly.