adminからも消す。

nna774 · nna774 · commit ae23afb356f8 · 2018-09-16T17:10:36.000+09:00
diff --git a/app/webapp/ruby/lib/torb/web.rb b/app/webapp/ruby/lib/torb/web.rb
@@ -376,7 +376,7 @@ def render_report_csv(reports)
       password   = body_params['password']
 
       administrator = db.xquery('SELECT * FROM administrators WHERE login_name = ?', login_name).first
-      pass_hash     = db.xquery('SELECT SHA2(?, 256) AS pass_hash', password).first['pass_hash']
+      pass_hash     = OpenSSL::Digest::SHA256.hexdigest(password)
       halt_with_error 401, 'authentication_failed' if administrator.nil? || pass_hash != administrator['pass_hash']
 
       session['administrator_id'] = administrator['id']
