users/login.php:

- don't escape_string() username and password git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@1487 a1433add-5e2c-0410-b055-b7f2511e0802
11 years ago · c711467174
parent 91423b5baf
commit c711467174
1 changed files with 2 additions and 3 deletions
--- a/users/login.php
+++ b/users/login.php
@ -34,15 +34,14 @@ require_once("../common.php");
 if ($_SERVER['REQUEST_METHOD'] == "POST")
 {
   $lang = safepost('lang');
+   $fUsername = safepost('fUsername');
+   $fPassword = safepost('fPassword');

   if ( $lang != check_language(0) ) { # only set cookie if language selection was changed
      setcookie('lang', $lang, time() + 60*60*24*30); # language cookie, lifetime 30 days
      # (language preference cookie is processed even if username and/or password are invalid)
   }

-   $fUsername = escape_string ($_POST['fUsername']);
-   $fPassword = escape_string ($_POST['fPassword']);
-
   $h = new MailboxHandler();
   if($h->login($_POST['fUsername'], $_POST['fPassword'])) {
      session_regenerate_id();