dshafik · February 11, 2012 23:11
diff --git a/upgrade_blowfish_1.0_1.2.php b/upgrade_blowfish_1.0_1.2.php
 <?php
 $good_salt = '$2y$10$22randomcharactershere$';

 $logged_in = false;

 if (strpos($stored_password, '$2a$') === 0) { 
    $bad_hash = '$2x$' .substr($stored_password, 4);

    if (crypt($input_password, $bad_hash) == $bad_hash)) {
        // generate a new password
        $good_hash = crypt($input_password, $good_salt);
        // Store $good_hash in-place of the original hash
    }

    $logged_in = true;
 } elseif (crypt($input_password, $input_password) == $stored_password) {
    $logged_in = true;
 } else {
    // Bad login
 }
 ?>
	<?php
	$good_salt = '$2y$10$22randomcharactershere$';

	$logged_in = false;

	if (strpos($stored_password, '$2a$') === 0) {
	$bad_hash = '$2x$' .substr($stored_password, 4);

	if (crypt($input_password, $bad_hash) == $bad_hash)) {
	// generate a new password
	$good_hash = crypt($input_password, $good_salt);
	// Store $good_hash in-place of the original hash
	}

	$logged_in = true;
	} elseif (crypt($input_password, $input_password) == $stored_password) {
	$logged_in = true;
	} else {
	// Bad login
	}
	?>