My provider installed php 4.33 on his servers yesterday. Since then every user is able to log in onto the forums giving any password! I suppose that the problem is in the crypt() funktion since i have a modified phpbb which crypts the password in database. Normally the script uses this:
if( md5($password) == $row['user_password'] && $row['user_active'] ) but i had to change it to: if( crypt(md5(crypt( md5($password) == $row['user_password'] && $row['user_active'] )))) because the passwords are crypted in my database. Can you tell me what went wrong in php 4.33 so that obviously this doesn't work any more (it did word on 4.32!)?
