diff options
| author | Andrew Dolgov <[email protected]> | 2013-03-27 13:45:10 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2013-03-27 13:47:35 +0400 |
| commit | c72069b098ae0cd6bb1a662fcdbd28706e9aca45 (patch) | |
| tree | 681cc7717923a0ffc520355115915f6079b513b2 /classes/pref/users.php | |
| parent | be574731fcb3db99df04b7300cea184b2780ba12 (diff) | |
pref_users: do not escape password to prevent special character
mishandling; remove inconsistent trimming of passwords
Diffstat (limited to 'classes/pref/users.php')
| -rw-r--r-- | classes/pref/users.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/classes/pref/users.php b/classes/pref/users.php index 4055bca45..45260fd93 100644 --- a/classes/pref/users.php +++ b/classes/pref/users.php @@ -203,7 +203,7 @@ class Pref_Users extends Handler_Protected { $uid = db_escape_string($this->link, $_REQUEST["id"]); $access_level = (int) $_REQUEST["access_level"]; $email = db_escape_string($this->link, trim($_REQUEST["email"])); - $password = db_escape_string($this->link, trim($_REQUEST["password"])); + $password = $_REQUEST["password"]; if ($password) { $salt = substr(bin2hex(get_random_bytes(125)), 0, 250); |