From aa7db04a91f3ca0a319ba4759ea2e56a39d63b5f Mon Sep 17 00:00:00 2001
From: Kijin Sung <kijin@kijinsung.com>
Date: Fri, 6 Mar 2015 15:14:03 +0900
Subject: [PATCH] =?UTF-8?q?=EB=AC=B8=EC=84=9C=20=EB=B0=8F=20=EB=8C=93?=
 =?UTF-8?q?=EA=B8=80=20=EB=AA=A8=EB=93=88=EC=97=90=EC=84=9C=20=EB=B9=84?=
 =?UTF-8?q?=ED=9A=8C=EC=9B=90=20=EB=B9=84=EB=B2=88=20=ED=95=B4=EC=8B=B1?=
 =?UTF-8?q?=EC=97=90=20=ED=9A=8C=EC=9B=90=EB=AA=A8=EB=93=88=EA=B3=BC=20?=
 =?UTF-8?q?=EA=B0=99=EC=9D=80=20=EC=95=8C=EA=B3=A0=EB=A6=AC=EB=93=AC?=
 =?UTF-8?q?=EC=9D=84=20=EC=82=AC=EC=9A=A9=ED=95=98=EB=8F=84=EB=A1=9D=20?=
 =?UTF-8?q?=EB=B3=80=EA=B2=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 modules/comment/comment.controller.php   |  6 +++---
 modules/document/document.controller.php | 14 ++++++++++----
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/modules/comment/comment.controller.php b/modules/comment/comment.controller.php
index e4117e14d..bed4696d9 100644
--- a/modules/comment/comment.controller.php
+++ b/modules/comment/comment.controller.php
@@ -253,10 +253,10 @@ class commentController extends comment
 		// get a object of document model
 		$oDocumentModel = getModel('document');
 
-		// even for manual_inserted if password exists, md5 it.
+		// even for manual_inserted if password exists, hash it.
 		if($obj->password)
 		{
-			$obj->password = md5($obj->password);
+			$obj->password = getModel('member')->hashPassword($obj->password);
 		}
 
 		// get the original posting
@@ -677,7 +677,7 @@ class commentController extends comment
 
 		if($obj->password)
 		{
-			$obj->password = md5($obj->password);
+			$obj->password = getModel('member')->hashPassword($obj->password);
 		}
 
 		if($obj->homepage) 
diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php
index 05f9ecafc..912d8568e 100644
--- a/modules/document/document.controller.php
+++ b/modules/document/document.controller.php
@@ -251,8 +251,11 @@ class documentController extends document
 		if(!$obj->readed_count) $obj->readed_count = 0;
 		if($isLatest) $obj->update_order = $obj->list_order = $obj->document_srl * -1;
 		else $obj->update_order = $obj->list_order;
-		// Check the status of password hash for manually inserting. Apply md5 hashing for otherwise.
-		if($obj->password && !$obj->password_is_hashed) $obj->password = md5($obj->password);
+		// Check the status of password hash for manually inserting. Apply hashing for otherwise.
+		if($obj->password && !$obj->password_is_hashed)
+		{
+			$obj->password = getModel('member')->hashPassword($obj->password);
+		}
 		// Insert member's information only if the member is logged-in and not manually registered.
 		$logged_info = Context::get('logged_info');
 		if(Context::get('is_logged') && !$manual_inserted && !$isRestore)
@@ -437,8 +440,11 @@ class documentController extends document
 		}
 		// Change the update order
 		$obj->update_order = getNextSequence() * -1;
-		// Hash by md5 if the password exists
-		if($obj->password) $obj->password = md5($obj->password);
+		// Hash the password if it exists
+		if($obj->password)
+		{
+			$obj->password = getModel('member')->hashPassword($obj->password);
+		}
 		// If an author is identical to the modifier or history is used, use the logged-in user's information.
 		if(Context::get('is_logged'))
 		{