mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-06 14:46:56 +02:00
Code Issues Releases Wiki Activity

#4004 - Fix for password filter in /usersettings.php

Browse Source
This commit is contained in:
Tijn Kuyper
2019-11-04 18:38:00 +01:00
parent 02497778b7
commit 74aeb9dcc7
1 changed files with 14 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
usersettings.php
View File

@@ -348,13 +348,23 @@ class usersettings_front // Begin Usersettings rewrite.
if (!empty($_POST['updatesettings'])) if (!empty($_POST['updatesettings']))
{ {
$ueVals = $_POST['ue']; // Do not filter these values (saving)
$ueVals = $_POST['ue'];
$passtemp1 = $_POST['password1'];
$passtemp2 = $_POST['password2'];
// Filter the others
$_POST = e107::getParser()->filter($_POST); $_POST = e107::getParser()->filter($_POST);
// Pass the original values back (restoring)
$_POST['ue'] = $ueVals;
$_POST['password1'] = $passtemp1;
$_POST['password2'] = $passtemp2;
$_POST['ue'] = $ueVals; // Unset temporary vars
unset($ueVals); unset($ueVals);
unset($passtemp1);
unset($passtemp2);
if (!vartrue($pref['auth_method'])) if (!vartrue($pref['auth_method']))
{ {