diff options
author | Andrew Dolgov <[email protected]> | 2017-01-07 14:25:46 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2017-01-07 14:25:46 +0300 |
commit | 17a8e61d2ae9e938aaf60292666b6ccf5cb09067 (patch) | |
tree | b6ddea4e4bb7cef4bcd2c4185fc63d8b78c8cbf4 /include/functions.php | |
parent | 370fe2bdcdb9042310d0d86fe10b78174a7d1cf1 (diff) |
deprecate encrypted feed passwords because mcrypt is getting removed from php 7.1
1. transparent decryption for existing installs stays for the time being
2. new passwords are not going to be encrypted even if FEED_CRYPT_KEY is defined
3. added update.php --decrypt-feeds to bulk decrypt existing encrypted passwords
4. updated install to not auto-generate crypt key
5. added warning to config.php-dist
Diffstat (limited to 'include/functions.php')
-rwxr-xr-x | include/functions.php | 9 |
1 files changed, 1 insertions, 8 deletions
diff --git a/include/functions.php b/include/functions.php index f10c3a00b..ce7627d5a 100755 --- a/include/functions.php +++ b/include/functions.php @@ -1749,14 +1749,7 @@ "SELECT id FROM ttrss_feeds WHERE feed_url = '$url' AND owner_uid = ".$_SESSION["uid"]); - if (strlen(FEED_CRYPT_KEY) > 0) { - require_once "crypt.php"; - $auth_pass = substr(encrypt_string($auth_pass), 0, 250); - $auth_pass_encrypted = 'true'; - } else { - $auth_pass_encrypted = 'false'; - } - + $auth_pass_encrypted = 'false'; $auth_pass = db_escape_string($auth_pass); if (db_num_rows($result) == 0) { |