mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-31 20:00:37 +02:00
Code Issues Releases Wiki Activity

Salted authorization didn't work - quick fix made, awaiting Steve for further discussion on this subject

Browse Source
This commit is contained in:
secretr
2011-09-16 11:39:06 +00:00
parent 5cb24000b9
commit 31c72e310f
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
e107_handlers/login.php
View File

@@ -388,6 +388,7 @@ class userlogin
} }
// FIXME - [SecretR] $username is not set and I really can't get the idea. // FIXME - [SecretR] $username is not set and I really can't get the idea.
$username = $this->userData['user_loginname']; // TODO for Steve - temporary fix, where $username comes from?
// Now check password // Now check password
if ($forceLogin) if ($forceLogin)
@@ -409,7 +410,8 @@ class userlogin
} }
} }
else else
{ // Plaintext password {
// Plaintext password
// $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login","U: {$username}, P: {$userpass}, C: ".$session->get('challenge')." R:{$response} S: {$this->userData['user_password']}",FALSE,LOG_TO_ROLLING); // $this->e107->admin_log->e_log_event(4,__FILE__."|".__FUNCTION__."@".__LINE__,"DBG","Plaintext login","U: {$username}, P: {$userpass}, C: ".$session->get('challenge')." R:{$response} S: {$this->userData['user_password']}",FALSE,LOG_TO_ROLLING);
if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID) if (($pass_result = $this->userMethods->CheckPassword($userpass,($this->lookEmail ? $this->userData['user_loginname'] : $username),$requiredPassword)) === PASSWORD_INVALID)
{ {