banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

pref_users: do not escape password to prevent special character

Browse Source 
mishandling; remove inconsistent trimming of passwords
master
Andrew Dolgov 12 years ago
parent be574731fc
commit c72069b098
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
classes/pref/users.php
Unescape Escape View File

@ -203,7 +203,7 @@ class Pref_Users extends Handler_Protected {
$uid = db_escape_string($this->link, $_REQUEST["id"]);
$access_level = (int) $_REQUEST["access_level"];
$email = db_escape_string($this->link, trim($_REQUEST["email"]));
$password = db_escape_string($this->link, trim($_REQUEST["password"]));
$password = $_REQUEST["password"];
if ($password) {
$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);

Write Preview
Loading…
Cancel
Save