Fix password error

added a check for password hashing to avoid doble hashing or non-hashing of the password that turns into error login.

Author: PHPVibe

app/functions/functions.user.php

@@ -568,8 +568,17 @@ public static function AddUser($userData)
             $userData['oauth_token'] = '';
         }
         if (!isset($userData['password']) || nullval($userData['password'])) {
-            $userData['password'] = '';
+            $upassword = '';
+        } else {
+             $upassword = $userData['password'];
+            if(preg_match('/^[0-9a-f]{40}$/i', $upassword)){
+                /* already encrypoted with sha1 */
+            $upassword = toDb($upassword);
+               } else {
+              $upassword = sha1($upassword);
+            }
         }
+        
         if (!isset($userData['local']) || nullval($userData['local'])) {
             $userData['local'] = '';
         }
@@ -581,7 +590,7 @@ public static function AddUser($userData)
         }
 //insert to db
         $sql = "INSERT INTO " . DB_PREFIX . "users (name,username,email,type,lastlogin,date_registered,gid,fid,oauth_token,avatar,local,country,group_id,pass,password,bio)"
-            . " VALUES ('" . toDb($userData['name']) . "','" . toDb($userData['username']) . "','" . esc_attr($userData['email']) . "','" . $userData['type'] . "', now(), now(), '" . $userData['gid'] . "', '" . $userData['fid'] . "', '" . $userData['oauth_token'] . "', '" . $userData['avatar'] . "', '" . toDb($userData['local']) . "', '" . toDb($userData['country']) . "', '4', '" . $pass . "','" . toDb($userData['password']) . "', '" . toDb($userData['bio']) . "')";
+            . " VALUES ('" . toDb($userData['name']) . "','" . toDb($userData['username']) . "','" . esc_attr($userData['email']) . "','" . $userData['type'] . "', now(), now(), '" . $userData['gid'] . "', '" . $userData['fid'] . "', '" . $userData['oauth_token'] . "', '" . $userData['avatar'] . "', '" . toDb($userData['local']) . "', '" . toDb($userData['country']) . "', '4', '" . $pass . "','" . $upassword . "', '" . toDb($userData['bio']) . "')";
         $db->query($sql);
         $tid = user::checkUser($userData);
         return $tid;
@@ -781,4 +790,4 @@ function getUserName($id)
     return '';
 }
 
-?>
+?>