commit 57a98caf328499c7904277e414ffdbc50691c16f
author Luigi Santivetti <luigi.santivetti@gmail.com> Tue Oct 13 22:55:51 2020 +0100
committer Luigi Santivetti <luigi.santivetti@gmail.com> Tue Oct 13 22:56:29 2020 +0100
tree 34763915bad8a57ecfc8486e4ed7e977461b0f7a
parent 7bab4945c6122b5ecc169f8ba8e758f6201fb933

code-igniter-v3-giggi: update release v2

application/controllers/Invite.php

diff --git a/application/controllers/Invite.php b/application/controllers/Invite.php
index 9c98621..064bd45 100644
--- a/application/controllers/Invite.php
+++ b/application/controllers/Invite.php
@@ -20,13 +20,6 @@
         $file_html = $file_name.'.html';
         if ($this->is_valid_file('views/page/', $file_html))
         {
-            /* Got to open a connection here as validation may require one */
-            if (!$this->load->database())
-                redirect(base_url('index.html'));
-
-            $this->load->helper(array('form', 'url'));
-            $this->load->library('form_validation');
-
             $this->form_validation->set_rules('username', 'Username',
                 'required|min_length[5]|max_length[12]|is_unique[users.username]',
                 array(
@@ -66,7 +59,11 @@
                 $stmt = "INSERT INTO users (username, email, password) VALUES (?, ?, ?)";
                 $data = $this->input->post(array('username', 'email'));
                 $password = $this->input->post('password');
-                $hash_password = password_hash($password, PASSWORD_DEFAULT);
+
+                $pepp = getenv('HOST_PEPPER');
+                $pepp_password = hash_hmac("sha256", $password, $pepp);
+                $hash_password = password_hash($pepp_password, PASSWORD_BCRYPT);
+
                 $data['password'] = $hash_password;
 
                 if (!$this->db->query($stmt, $data))
@@ -84,7 +81,6 @@
                 }
             }
 
-            $this->db->close();
             $this->load->view('page/'.$file_html);
         }
         else