Menu
▾
▴
SF.net SVN: bzflag:[22833] trunk/web/bzfls/bzfls.php
|
From: <bla...@us...> - 2014-11-29 01:27:35
|
Revision: 22833
http://sourceforge.net/p/bzflag/code/22833
Author: blast007
Date: 2014-11-29 01:27:28 +0000 (Sat, 29 Nov 2014)
Log Message:
-----------
Never dump password information (hashed or otherwise) to the log.
Modified Paths:
--------------
trunk/web/bzfls/bzfls.php
Modified: trunk/web/bzfls/bzfls.php
===================================================================
--- trunk/web/bzfls/bzfls.php 2014-11-29 01:25:47 UTC (rev 22832)
+++ trunk/web/bzfls/bzfls.php 2014-11-29 01:27:28 UTC (rev 22833)
@@ -12,9 +12,6 @@
// IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
// WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
-
-define ('MD5_PASSWORD', true);
-
define('IN_PHPBB', true);
$phpbb_root_path = '../../forums.bzflag.org/htdocs/';
$phpEx = 'php';
@@ -105,8 +102,8 @@
foreach ($a as $key => $val){
if (!strlen($msg))
$msg .= ', ';
- if (MD5_PASSWORD && strncasecmp ($key, "PASS", 4)==0)
- $val = md5($val);
+ if (strncasecmp ($key, "PASS", 4)==0)
+ $val = "**PASSWORD FILTERED**";
$msg .= "$key=$val";
}
return str_replace (array ("\r", "\n"), array ('<\r>', '<\n>'), $msg);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|