-
THE BUG WAS FOUND IN: func.inc.php
function F_loginUser($Username,$Password) {
global $db;
$sql = "UPDATE T_Users SET ";
$sql .= "LastLogin = now() ";
$sql .= "WHERE Username = '$Username' ";
$sql .= "AND Password = '" . md5($Password) . "' ";
$sql .= "AND Verified = 'Y'";
mysql_query($sql,$db);
if (mysql_affected_rows()>0) {
return true;
The input is not sanitized.
2009-10-30 18:30:58 UTC by tavezbadalov
-
Find my solution here:
http://phpweblog.org/stories.php?story=04/12/29/4113450.
2005-09-01 19:33:49 UTC by nobody
-
Hi, I think this should solve the problem that was
reported in 494222 (there was a letter 'l' instead of
the number 1 in one of the declarations). The file
includes a difference list generated using diff.
2005-04-27 09:24:25 UTC by gosiaw
-
-- == -- == -- == -- == -- == -- == -- == -- == -- == --
Name: phpWebLog
Version:
2005-03-07 19:28:01 UTC by nobody
-
Would be great if someone could come up with a fix for this
in the meantime!
2005-01-07 14:01:49 UTC by nobody
-
Logged In: YES
user_id=5672
<br /> is correct for xhtml, which 5.3 claims to use.
2003-04-04 03:09:10 UTC by enterfornone
-
openface committed patchset 278 of module phpweblog_current to the phpWebLog CVS repository, changing 1 files.
2003-01-09 18:13:03 UTC by openface
-
THrought pwl5.3 any <br> tags are coded as <br />.
2002-12-08 21:00:05 UTC by logart
-
Logged In: YES
user_id=14468
I found the problem. In header.inc.php, the css settings
have a -10 margin setting for top and left. Here is the fix:
Was:
BODY {margin: -10px 0px 0px -10px; <?=$LAYOUT["GlobalStyle"]?>}
Should be:
BODY {margin: 0px 0px 0px 0px; <?=$LAYOUT["GlobalStyle"]?>}.
2002-12-04 17:07:18 UTC by logart
-
Just installed phpweblog 5.3. The upper and left side
borders of the page are cut off. I will attache a
screenshot.
2002-12-03 19:44:13 UTC by logart
