Menu
▾
▴
[Mantisbt-cvs] mantisbt login_page.php,1.32,1.33
|
From: <vb...@us...> - 2004-01-08 14:26:40
|
Update of /cvsroot/mantisbt/mantisbt
In directory sc8-pr-cvs1:/tmp/cvs-serv6810
Modified Files:
login_page.php
Log Message:
Fixed #3495: Warning even if administrator account is disabled
M login_page.php
- The warning for administrator account was displayed if the account exists with the default password. It didn't check for the enabled flag.
Index: login_page.php
===================================================================
RCS file: /cvsroot/mantisbt/mantisbt/login_page.php,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -d -r1.32 -r1.33
--- login_page.php 21 Aug 2003 14:31:42 -0000 1.32
+++ login_page.php 8 Jan 2004 14:26:37 -0000 1.33
@@ -112,8 +112,9 @@
}
# Generate a warning if administrator/root is valid.
- if ( user_get_id_by_name( 'administrator' ) !== false ) {
- if ( auth_does_password_match( user_get_id_by_name( 'administrator' ), 'root' ) ) {
+ $t_admin_user_id = user_get_id_by_name( 'administrator' );
+ if ( $t_admin_user_id !== false ) {
+ if ( user_is_enabled( $t_admin_user_id ) && auth_does_password_match( $t_admin_user_id, 'root' ) ) {
echo '<div class="warning" align="center">';
echo '<p><font color="red"><strong>WARNING:</strong> You should disable the default "administrator" account or change its password.</font></p>';
echo '</div>';
|