change backend create user + reset password hashing

Author: beixiao2777

app/Repositories/UserRepository.php

@@ -124,7 +124,7 @@ public function store(array $params)
         }
         $setting = Setting::get('main');
         $secret = mksecret();
-        $passhash = md5($secret . $password . $secret);
+        $passhash = hash('sha256', $secret . hash('sha256', $password));
         $data = [
             'username' => $username,
             'email' => $email,
@@ -161,7 +161,7 @@ public function resetPassword($id, $password, $passwordConfirmation)
             $this->checkPermission($operator, $user);
         }
         $secret = mksecret();
-        $passhash = md5($secret . $password . $secret);
+        $passhash = hash('sha256', $secret . hash('sha256', $password));
         $update = [
             'secret' => $secret,
             'passhash' => $passhash,