Merged
20 changes: 2 additions & 18 deletions php/libraries/SinglePointLogin.class.inc
@@ -237,8 +237,8 @@ class SinglePointLogin extends PEAR
}

// check users table to see if we have a valid user
$query = "SELECT COUNT(*) AS User_count, Password_md5, Password_expiry, Active FROM users WHERE UserID = '".$_POST['username']."' GROUP BY UserID";
$DB->selectRow($query, $row);
$query = "SELECT COUNT(*) AS User_count, Password_md5, Password_expiry, Active FROM users WHERE UserID = :username GROUP BY UserID";
$row = $DB->pselectRow($query, array('username' => $_POST['username']));
if (PEAR::isError($row)) {
return PEAR::raiseError("DB Error: ".$row->getMessage());
}
@@ -262,22 +262,6 @@ class SinglePointLogin extends PEAR
$this->_username = $_POST['username'];
return true;
}
// !!! DELETE ONCE ALL PASSWORDS HAVE BEEN SET TO MD5 SALTS
else {
// check users table to see if we have a valid user
$query = "SELECT COUNT(*) AS User_count FROM users WHERE UserID = '".$_POST['username']."' AND Password = PASSWORD('".$_POST['password']."')";
$DB->selectRow($query, $row2);
if (PEAR::isError($row2)) {
return PEAR::raiseError("DB Error: ".$row2->getMessage());
}

// user is logged in
if ($row2['User_count'] == 1) {
// force password expiry screen
$this->showPasswordExpiryScreen();
}
}
// !!! END DELETE
// bad usename or password
}

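Review bot: The error branch right after the new `pselectRow()` call still returns `"DB Error: ".$row->getMessage()` on a pre-authentication path, so if the caller renders that PEAR error on the login page (not visible in this hunk), an unauthenticated client sees driver and schema detail; consider logging the message server-side and returning a fixed string such as `return PEAR::raiseError("Login failed: database error");`. The lookup also still selects `Password_md5`, and salted MD5 is a fast hash that is cheap to brute-force offline if the table leaks, so a follow-up that moves verification to `password_hash()`/`password_verify()` with a rehash on next successful login is worth tracking. With the legacy `PASSWORD()` fallback removed in the second hunk, any account that has no `Password_md5` value yet will presumably fall through to the bad-credentials path without reaching the expiry screen, so confirm the migration is complete before this ships. The enclosing method starts and ends outside both hunks.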