From: <gi...@ma...> - 2009-10-14 04:49:25
|
The branch, master has been updated via 81660f137e6d6e4048527cdfcb0247b26d1af5fa (commit) from 2ceb60719d998f6565a927d2aa0610fc3fc890f1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 81660f137e6d6e4048527cdfcb0247b26d1af5fa Author: Victor Boctor <vb...@gm...> Date: Tue Oct 13 21:48:59 2009 -0700 Fix #10979: New user creation when using LDAP authentication enters plain text password user entered into the database. ----------------------------------------------------------------------- Summary of changes: core/authentication_api.php | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) ----------------------------------------------------------------------- commit 81660f137e6d6e4048527cdfcb0247b26d1af5fa Author: Victor Boctor <vb...@gm...> Date: Tue Oct 13 21:48:59 2009 -0700 Fix #10979: New user creation when using LDAP authentication enters plain text password user entered into the database. diff --git a/core/authentication_api.php b/core/authentication_api.php index 4879699..f6bf75b 100644 --- a/core/authentication_api.php +++ b/core/authentication_api.php @@ -191,7 +191,7 @@ function auth_attempt_login( $p_username, $p_password, $p_perm_login = false ) { if ( $t_auto_create ) { # attempt to create the user - $t_cookie_string = user_create( $p_username, $p_password ); + $t_cookie_string = user_create( $p_username, md5( $p_password ) ); if ( false === $t_cookie_string ) { # it didn't work ----------------------------------------------------------------------- -- Mantis Bug Tracker |