check if pwd is passed in _POST

2024-11-26 23:42:11 +00:00 · 2014-07-24 07:53:08 +02:00 · 2014-07-24 07:53:08 +02:00 · 760da5e2b4
commit 760da5e2b4
parent 5641b5b067
1 changed files with 6 additions and 3 deletions
--- a/op/op.Login.php
+++ b/op/op.Login.php
@ -50,9 +50,12 @@ if (!isset($login) || strlen($login)==0) {
 	exit;
 }

-$pwd = (string) $_POST["pwd"];
-if (get_magic_quotes_gpc()) {
-	$pwd = stripslashes($pwd);
+$pwd = '';
+if(isset($_POST['pwd'])) {
+	$pwd = (string) $_POST["pwd"];
+	if (get_magic_quotes_gpc()) {
+		$pwd = stripslashes($pwd);
+	}
 }

 $guestUser = $dms->getUser($settings->_guestID);