valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pref_users: do not escape password to prevent special character 

mishandling; remove inconsistent trimming of passwords
This commit is contained in:
Andrew Dolgov 2013-03-27 13:45:10 +04:00
parent be574731fc
commit c72069b098
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
classes/pref/users.php
View File

@ -203,7 +203,7 @@ class Pref_Users extends Handler_Protected {
$uid = db_escape_string($this->link, $_REQUEST["id"]);
$access_level = (int) $_REQUEST["access_level"];
$email = db_escape_string($this->link, trim($_REQUEST["email"]));
$password = db_escape_string($this->link, trim($_REQUEST["password"]));
$password = $_REQUEST["password"];
if ($password) {
$salt = substr(bin2hex(get_random_bytes(125)), 0, 250);