Menu
▾
▴
#401 (ok 2.11.6) colon in PW prevents login (http)
when users have a colon in their password they can't login using auth_type "http" on some CGI installations due to the explode function.
fix for, e.g., version QA_2_11, libraries/auth/
* @version $Id: http.auth.lib.php 10893 2007-11-01 20:59:48Z lem9 $
@ line 140:
- if (!empty($usr_pass) && strpos($usr_pass, ':') !== false) {
- list($PHP_AUTH_USER, $PHP_AUTH_PW) = explode(':',
$usr_pass);
- }
+ if (!empty($usr_pass)) {
+ $colon = strpos($usr_pass, ':');
+ if($colon) {
+ $PHP_AUTH_USER = substr($usr_pass, 0, $colon);
+ $PHP_AUTH_PW = substr($usr_pass, $colon + 1);
+ }
+ unset($colon);
+ }
Logged In: YES
user_id=210714
Originator: NO
Merged in subversion, thanks.