Update of /cvsroot/phpmp/phpMP/includes
In directory sc8-pr-cvs1:/tmp/cvs-serv31961/includes
Modified Files:
core.php session.php
Log Message:
A few small updates.
Index: core.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/core.php,v
retrieving revision 1.64
retrieving revision 1.65
diff -C2 -r1.64 -r1.65
*** core.php 30 Jun 2003 04:04:02 -0000 1.64
--- core.php 30 Jun 2003 23:13:47 -0000 1.65
***************
*** 66,81 ****
if (!empty($_POST)) { $_POST = $this->strip_magic_quotes($_POST); }
if (!empty($_COOKIE)) { $_COOKIE = $this->strip_magic_quotes($_COOKIE); }
- }
-
- // This code *should* be changed later.
- if( !defined("C_PHPMP_ROOT") )
- {
- define( 'C_PHPMP_ROOT', './' );
}
! //error_reporting(E_ALL);
! error_reporting(E_ERROR | E_WARNING | E_PARSE);
! include_once( C_PHPMP_ROOT . 'config.php' );
// Globalize all major class-containing variables.
--- 66,75 ----
if (!empty($_POST)) { $_POST = $this->strip_magic_quotes($_POST); }
if (!empty($_COOKIE)) { $_COOKIE = $this->strip_magic_quotes($_COOKIE); }
}
! error_reporting(E_ALL);
! //error_reporting(E_ERROR | E_WARNING | E_PARSE);
! $blah = include_once( C_PHPMP_ROOT . 'config.php' );
// Globalize all major class-containing variables.
Index: session.php
===================================================================
RCS file: /cvsroot/phpmp/phpMP/includes/session.php,v
retrieving revision 1.16
retrieving revision 1.17
diff -C2 -r1.16 -r1.17
*** session.php 30 Jun 2003 03:43:42 -0000 1.16
--- session.php 30 Jun 2003 23:13:47 -0000 1.17
***************
*** 91,95 ****
// We are logging in. Set up variables.
! $username = $_POST['login_username'];
$passwd_enc = md5($_POST['login_passwd']);
$auto_login_set = $_POST['autologin'];
--- 91,95 ----
// We are logging in. Set up variables.
! $username = addslashes($_POST['login_username']);
$passwd_enc = md5($_POST['login_passwd']);
$auto_login_set = $_POST['autologin'];
***************
*** 97,102 ****
$sql = "SELECT * FROM " . DB_USERS_TABLE . "
! WHERE user_name='" . addslashes($username) . "'
! AND user_passwd='" . $passwd_enc . "'";
$result = $DB->query($sql);
--- 97,102 ----
$sql = "SELECT * FROM " . DB_USERS_TABLE . "
! WHERE user_name='" . $username . "'
! AND user_passwd='" . $passwd_enc . "'";
$result = $DB->query($sql);
***************
*** 133,137 ****
global $User, $DB, $Config, $SID;
! if( (isset($_POST['do_login'])) && ($_POST['do_login'] == true) )
{
$this->login();
--- 133,137 ----
global $User, $DB, $Config, $SID;
! if( isset($_POST['do_login']) && ($_POST['do_login'] == true) )
{
$this->login();
|
