gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-10 19:12:42 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check if pwd is passed in _POST

Browse Source
This commit is contained in:
Uwe Steinmann 2014-07-24 07:53:08 +02:00
parent 5641b5b067
commit 760da5e2b4
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
op/op.Login.php
View File

@ -50,10 +50,13 @@ if (!isset($login) || strlen($login)==0) {
exit;
}
$pwd = '';
if(isset($_POST['pwd'])) {
$pwd = (string) $_POST["pwd"];
if (get_magic_quotes_gpc()) {
$pwd = stripslashes($pwd);
}
}
$guestUser = $dms->getUser($settings->_guestID);
if ((!isset($pwd) || strlen($pwd)==0) && ($login != $guestUser->getLogin())) {