summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--login.php4
-rw-r--r--useradm.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/login.php b/login.php
index 3f2c5f2..ddb25b5 100644
--- a/login.php
+++ b/login.php
@@ -5,8 +5,8 @@
@$op = $_REQUEST["op"];
if ($op == "perform-login") {
- $user = SQLite3::escapeString($_REQUEST["user"]);
- $password = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . $_REQUEST["password"]));
+ $user = SQLite3::escapeString(trim(mb_strtolower($_REQUEST["user"])));
+ $password = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . trim($_REQUEST["password"])));
$dbh = Db::get();
diff --git a/useradm.php b/useradm.php
index d36167a..ee330cb 100644
--- a/useradm.php
+++ b/useradm.php
@@ -44,8 +44,8 @@
exit;
}
- $user = SQLite3::escapeString($user);
- $pass_hash = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:$pass"));
+ $user = SQLite3::escapeString(trim(mb_strtolower($user)));
+ $pass_hash = SQLite3::escapeString('SHA256:' . hash('sha256', "$user:" . trim($pass)));
print "Adding user $user with password $pass...\n";
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 05:45:05 +0000