The passwordgood function returns the same result, successful authentication, if the cpw parameter is the plaintext password or the password hash. I'm guessing that pre-git dgamelaunch didn't hash passwords at all, and this check was retained for compatiblity. Unfortunately, this means that the user database/file effectively stores cleartext passwords for the purposes of logging into dgamelaunch.
The
passwordgoodfunction returns the same result, successful authentication, if thecpwparameter is the plaintext password or the password hash. I'm guessing that pre-git dgamelaunch didn't hash passwords at all, and this check was retained for compatiblity. Unfortunately, this means that the user database/file effectively stores cleartext passwords for the purposes of logging into dgamelaunch.