Permalink
Browse files

Don't store invalid credentials to session (bug #376)

  • Loading branch information...
1 parent 125b519 commit 6acf188c2f3a4df999b043305b6117a6ae3f1ef4 @vrana committed Jan 30, 2014
Showing with 2 additions and 1 deletion.
  1. +1 −1 adminer/include/auth.inc.php
  2. +1 −0 changes.txt
@@ -109,7 +109,7 @@ function auth_error($exception = null) {
}
function set_password($vendor, $server, $username, $password) {
- $_SESSION["pwds"][$vendor][$server][$username] = ($_COOKIE["adminer_key"]
+ $_SESSION["pwds"][$vendor][$server][$username] = ($_COOKIE["adminer_key"] && is_string($password)
? array(encrypt_string($password, $_COOKIE["adminer_key"]))
: $password
);
View
@@ -2,6 +2,7 @@ Adminer 4.0.3-dev:
MongoDB: insert, truncate, indexes
SimpleDB, MongoDB: insert more fields at once
SQLite: Fix creating table and altering primary key, bug since Adminer 4.0.0
+Don't store invalid credentials to session, bug since Adminer 4.0.0
Norweigan translation
Adminer 4.0.2 (released 2014-01-11):

0 comments on commit 6acf188

Please sign in to comment.