diff options
| author | Andrew Dolgov <[email protected]> | 2006-03-07 12:25:44 +0100 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2006-03-07 12:25:44 +0100 |
| commit | 7f16656eb7aea169fca6732ccd74ceffd13a1984 (patch) | |
| tree | 2f3f12f9e8a4c70e0e4b319a3f2f6e64c0563a63 /functions.php | |
| parent | 68511f86ac18cac0a8484b2c34f625fb4f2f3b99 (diff) | |
remove support for plain-text passwords
Diffstat (limited to 'functions.php')
| -rw-r--r-- | functions.php | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/functions.php b/functions.php index 931774cfd..a7a17f9b5 100644 --- a/functions.php +++ b/functions.php @@ -740,8 +740,7 @@ $pwd_hash = 'SHA1:' . sha1($password); $result = db_query($link, "SELECT id,login,access_level FROM ttrss_users WHERE - login = '$login' AND ((pwd_hash = '$password' AND '$password' = 'password') - OR pwd_hash = '$pwd_hash')"); + login = '$login' AND pwd_hash = '$pwd_hash'"); if (db_num_rows($result) == 1) { $_SESSION["uid"] = db_fetch_result($result, 0, "id"); |