Changeset 808 for trunk/identification.php
- Timestamp:
- Aug 8, 2005, 10:52:19 PM (19 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/identification.php
r688 r808 34 34 if (isset($_POST['login'])) 35 35 { 36 $username = mysql_escape_string($_POST['username']); 36 37 // retrieving the encrypted password of the login submitted 37 38 $query = ' 38 SELECT id, password 39 SELECT '.$conf['user_fields']['id'].' AS id, 40 '.$conf['user_fields']['password'].' AS password 39 41 FROM '.USERS_TABLE.' 40 WHERE username = \''.$_POST['username'].'\'42 WHERE '.$conf['user_fields']['username'].' = \''.$username.'\' 41 43 ;'; 42 44 $row = mysql_fetch_array(pwg_query($query)); 43 if ($row['password'] == md5($_POST['password']))45 if ($row['password'] == $conf['pass_convert']($_POST['password'])) 44 46 { 45 47 $session_length = $conf['session_length'];
Note: See TracChangeset
for help on using the changeset viewer.