banananetwork
/
postfixadmin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

MailboxHandler.php:

Browse Source 
- make login() a non-static function
- login: use $this->db_table and $this->id_field instead of hardcoded names

users/login.php, xmlrpc.php:
- adopt to now non-static MailboxHandler->login()



git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1484 a1433add-5e2c-0410-b055-b7f2511e0802
pull/2/head
Christian Boltz 11 years ago
parent 9af5a5cc03
commit 8ff856df12
3 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File

6
model/MailboxHandler.php
Unescape Escape View File

@ -442,12 +442,12 @@ class MailboxHandler extends PFAHandler {
* @param string $password
* @return boolean true on successful login (i.e. password matches etc)
*/
public static function login($username, $password) {
public function login($username, $password) {
$username = escape_string($username);
$table_mailbox = table_by_key('mailbox');
$table = table_by_key($this->db_table);
$active = db_get_boolean(True);
$query = "SELECT password FROM $table_mailbox WHERE username='$username' AND active='$active'";
$query = "SELECT password FROM $table WHERE " . $this->id_field . "='$username' AND active='$active'";
$result = db_query ($query);
if ($result['rows'] == 1) {

3
users/login.php
Unescape Escape View File

@ -43,7 +43,8 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
$fUsername = escape_string ($_POST['fUsername']);
$fPassword = escape_string ($_POST['fPassword']);
if(MailboxHandler::login($_POST['fUsername'], $_POST['fPassword'])) {
$h = new MailboxHandler();
if($h->login($_POST['fUsername'], $_POST['fPassword'])) {
session_regenerate_id();
$_SESSION['sessid'] = array();
$_SESSION['sessid']['roles'] = array();

4
xmlrpc.php
Unescape Escape View File

@ -45,7 +45,9 @@ $server = new Zend_XmlRpc_Server();
* @return boolean true on success, else false.
*/
function login($username, $password) {
if(MailboxHandler::login($username, $password)) {
$h = new MailboxHandler();
if($h::login($username, $password)) {
session_regenerate_id();
$_SESSION['authenticated'] = true;
$_SESSION['username'] = $username;

Write Preview
Loading…
Cancel
Save