diff options
| author | Andrew Dolgov <[email protected]> | 2011-11-22 10:43:24 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2011-11-22 10:43:24 +0400 |
| commit | 92decf4f2ddb0c822e8d333ae66f4014f0bee253 (patch) | |
| tree | 153bf30ddf3b57e9a2dfec0413ed640c8193016d /functions.php | |
| parent | b9d55377248bde2bd0b11a4323215e3d69711fb7 (diff) | |
properly escape login and password in login_sequence() (refs #392)
Diffstat (limited to 'functions.php')
| -rw-r--r-- | functions.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/functions.php b/functions.php index 498750851..10f8e034e 100644 --- a/functions.php +++ b/functions.php @@ -2110,8 +2110,8 @@ # try to authenticate user if called from login form if ($login_action == "do_login") { - $login = $_POST["login"]; - $password = $_POST["password"]; + $login = db_escape_string($_POST["login"]); + $password = db_escape_string($_POST["password"]); $remember_me = $_POST["remember_me"]; if (authenticate_user($link, $login, $password)) { |