public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-14 00:25:54 +00:00
Code Issues Releases Wiki Activity

pref_users: do not escape password to prevent special character

Browse Source 
mishandling; remove inconsistent trimming of passwords
This commit is contained in:
Andrew Dolgov
2013-03-27 13:45:10 +04:00
parent be574731fc
commit c72069b098
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
classes/pref/users.php
View File

@@ -203,7 +203,7 @@ class Pref_Users extends Handler_Protected {
$uid = db_escape_string($this->link, $_REQUEST["id"]); $uid = db_escape_string($this->link, $_REQUEST["id"]);
$access_level = (int) $_REQUEST["access_level"]; $access_level = (int) $_REQUEST["access_level"];
$email = db_escape_string($this->link, trim($_REQUEST["email"])); $email = db_escape_string($this->link, trim($_REQUEST["email"]));
$password = db_escape_string($this->link, trim($_REQUEST["password"])); $password = $_REQUEST["password"];
if ($password) { if ($password) {
$salt = substr(bin2hex(get_random_bytes(125)), 0, 250); $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);