emerose/Plaintext Passwords IV Fix.php

## Plaintext Passwords IV Fix.php
<?php
$salt = substr(md5(rand()), 0, 4);
$hashedpassword = md5($password.$salt);
$sql = "INSERT INTO Users (Username, Password, Salt) " .
       "VALUES ('" . addslashes($username) . "', " .
       "'$hashedpassword', '$salt')";
$db->executeQuery($sql);

// ...

$sql = "SELECT Salt FROM Users WHERE Username = '" .
       addslashes($username) . "'";
$rs = $db->executeQuery($sql);
$salt = $rs->getValueByNr(0,0);
$hashedpassword = md5($password.$salt);
$sql = "SELECT * FROM Users WHERE " .
       "Username = '" . addslashes($username) . "' AND " .
       "Password = '$hashedpassword'";
?>
	<?php
	$salt = substr(md5(rand()), 0, 4);
	$hashedpassword = md5($password.$salt);
	$sql = "INSERT INTO Users (Username, Password, Salt) " .
	"VALUES ('" . addslashes($username) . "', " .
	"'$hashedpassword', '$salt')";
	$db->executeQuery($sql);

	// ...

	$sql = "SELECT Salt FROM Users WHERE Username = '" .
	addslashes($username) . "'";
	$rs = $db->executeQuery($sql);
	$salt = $rs->getValueByNr(0,0);
	$hashedpassword = md5($password.$salt);
	$sql = "SELECT * FROM Users WHERE " .
	"Username = '" . addslashes($username) . "' AND " .
	"Password = '$hashedpassword'";
	?>