Bugs item #971098, was opened at 2004-06-11 14:43
Message generated for change (Comment added) made by tedar
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=108956&aid=971098&group_id=8956
Category: SQL
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Tedar (tedar)
Assigned to: Nobody/Anonymous (nobody)
Summary: user authentication
Initial Comment:
root authentication will fail if the mysql db is
version > 4.0.
previous to version 4.1 the PASSWORD('$pass') will
generate a 11 bit string, as of version 4.1
PASSWORD('$pass') will generate a 64 bit string.
this hack solves the problem for users with a mysq
version 4.1. (should be backwards compatible)
eregi("[0-9]+(.)[0-9]+(.)[0-9]+",mysql_get_server_info(mysql_connect($GLOBALS['ESPCONFIG']['db_host'],
$GLOBALS['ESPCONFIG']['db_user'],
$GLOBALS['ESPCONFIG']['db_pass'])),$mysql_version);
$mysql_version = $mysql_version[0];
if ($mysql_version > "4.0.0") {
$sql = "SELECT * FROM designer WHERE username =
'$username' AND password = OLD_PASSWORD('$password')
AND disabled = 'N' AND (expiration = '0' OR expiration
> NOW())";
} else {
$sql = "SELECT * FROM designer WHERE username =
'$username' AND password = PASSWORD('$password') AND
disabled = 'N' AND (expiration = '0' OR expiration >
NOW())";
}
----------------------------------------------------------------------
>Comment By: Tedar (tedar)
Date: 2004-06-11 16:05
Message:
Logged In: YES
user_id=1061542
forgot to say which file: in espauth-default.inc line 146
(v 1.6)
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=108956&aid=971098&group_id=8956
|
