Roxen.git / server / modules / security / auth_httpcookie.pike

version» Context lines:

Roxen.git/server/modules/security/auth_httpcookie.pike:57:    if( cookies[ cookie ] )    return cookies[ cookie ];    cookies[ cookie ] = low_lookup_cookie( cookie );    if( !cookies[cookie][0] )    return m_delete( cookies, cookie );    return cookies[cookie];   }      protected string create_cookie( string u, string p )   { -  int i = (((hash(u) << 32) | hash(p)) << 32) | hash(u+p); -  string c = i->digits(16); +  string c = +  String.string2hex(Crypto.SHA1.hash(COOKIE + u + "\0" + p + COOKIE);    catch(get_my_sql()->query( "INSERT INTO "+table+" "    "(cookie,name,password) VALUES "    "(%s,%s,%s)", c, encode_pw(u), encode_pw(p) ));    return c;   }      User authenticate( RequestID id, UserDB db )   //! Try to authenticate the request with users from the specified user   //! database. If no @[db] is specified, all datbases in the current   //! configuration are searched in order, then the configuration user