X-Git-Url: http://git.rot13.org/?a=blobdiff_plain;f=opac%2Fopac-passwd.pl;h=440f9a23efbe95479d6fb199371b24c5158c6326;hb=9c5e40e4923179bf0b2b630d3e09797dc4c1fdb0;hp=19425f79377083bf1bf1c0322d1b3101505c9766;hpb=ea1aa7a0d906d583375618e37be60e9f0d62d939;p=koha.git

diff --git a/opac/opac-passwd.pl b/opac/opac-passwd.pl
index 19425f7937..440f9a23ef 100755
--- a/opac/opac-passwd.pl
+++ b/opac/opac-passwd.pl
@@ -29,6 +29,7 @@ use Digest::MD5 qw(md5_base64);
 use C4::Circulation;
 use C4::Members;
 use C4::Output;
+use Koha::AuthUtils qw(hash_password);
 
 my $query = new CGI;
 my $dbh   = C4::Context->dbh;
@@ -57,7 +58,7 @@ if ( C4::Context->preference("OpacPasswordChange") ) {
             if ( $query->param('Newkey') eq $query->param('Confirm')
                 && length( $query->param('Confirm') ) >= $minpasslen )
             {    # Record password
-                my $clave = md5_base64( $query->param('Newkey') );
+                my $clave = hash_password( $query->param('Newkey') );
                 $sth->execute( $clave, $borrowernumber );
                 $template->param( 'password_updated' => '1' );
                 $template->param( 'borrowernumber'   => $borrowernumber );
@@ -113,8 +114,14 @@ sub goodkey {
       $dbh->prepare("SELECT password FROM borrowers WHERE borrowernumber=?");
     $sth->execute($borrowernumber);
     if ( $sth->rows ) {
-        my ($md5password) = $sth->fetchrow;
-        if ( md5_base64($key) eq $md5password ) { return 1; }
+        my $hash;
+        my ($stored_hash) = $sth->fetchrow;
+        if ( substr($stored_hash,0,2) eq '$2') {
+            $hash = hash_password($key, $stored_hash);
+        } else {
+            $hash = md5_base64($key);
+        }
+        if ( $hash eq $stored_hash ) { return 1; }
         else { return 0; }
     }
     else { return 0; }