From: <mo...@us...> - 2003-08-05 22:33:04
|
Update of /cvsroot/tikiwiki/tiki/lib In directory sc8-pr-cvs1:/tmp/cvs-serv10605/lib Modified Files: userslib.php Log Message: fixed the auth problem with admin account Index: userslib.php =================================================================== RCS file: /cvsroot/tikiwiki/tiki/lib/userslib.php,v retrieving revision 1.39 retrieving revision 1.40 diff -u -d -r1.39 -r1.40 --- userslib.php 4 Aug 2003 05:19:18 -0000 1.39 +++ userslib.php 5 Aug 2003 22:32:59 -0000 1.40 @@ -94,7 +94,7 @@ static $rv = array(); if (!isset($rv[$user])) { - $query = "select `login` from `users_users` where `login`=?"; + $query = "select `login` from `users_users` where `login` = ?"; $result = $this->query($query,array($user)); $rv[$user] = $result->numRows(); } @@ -349,12 +349,12 @@ return USER_NOT_FOUND; $res = $result->fetchRow(DB_FETCHMODE_ASSOC); - $hash=md5($user.$pass.$res['login']); + $hash=md5($user.$pass); $hash2 = md5($pass); // next verify the password with 2 hashes methods, the old one (passà)) and the new one (login.pass;email) if($feature_challenge=='n' || empty($response)) { - $query = "select `login` from `users_users` where ".$this->convert_binary()." `login` = ? and `hash`=?"; - $result = $this->query($query,array($user,$hash)); + $query = "select `login` from `users_users` where ".$this->convert_binary()." `login` = ? and (`hash`=? or `hash`=?)"; + $result = $this->query($query,array($user,$hash,$hash2)); if($result->numRows()) { $t = date("U"); // Check |