GIT.Harvie.CZ / mirrors / Kyberia-bloodline.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Migration to PDO database abstraction layer
[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / login.inc
diff --git a/wwwroot/inc/eventz/login.inc b/wwwroot/inc/eventz/login.inc
index 0f7bcf0089a7f30b7818ba4f41a7a37b5c6e2c02..8f33e55e684b539d3cdcd0eb708b82577cd1eeb3 100644 (file)
--- a/wwwroot/inc/eventz/login.inc
+++ b/wwwroot/inc/eventz/login.inc
@@ -10,11 +10,10 @@ function jabberctl($command, $args) { //XXXTODO Move to some .inc file...
        system($cmd);
 }
 
-function login() {
+function login_check($login, $password, $login_type='id') {
 
     global $db,$error,$node_id;
-    $login = mysql_real_escape_string($_POST['login']);
-    $password = $_POST['password']; // Not SQLi but be carefull
+               $login = db_escape_string($login); //Not SQLi in $password but be carefull
     $password_hash_algos=array('sha256','sha1','md5'); //List of supported algos can be obtained using: php -r 'print_r(hash_algos());'
 
     $hash_query='(';
@@ -23,7 +22,6 @@ function login() {
     }
     $hash_query.='false )';
 
-    $login_type = $_POST['login_type'];
     $referer = $_SERVER['HTTP_REFERER'];
 
     if (!session_id()) {
@@ -146,4 +144,10 @@ where node_access.user_id='$user_id' and node_bookmark='yes' order by node_name"
 //    header("Location: $referer");
     return true;
 }
-?>
+
+function login() {
+       $login = $_POST['login'];
+       $password = $_POST['password'];
+       $login_type = $_POST['login_type'];
+       return login_check($login, $password, $login_type);
+}
https://github.com/Kyberia/Kyberia-bloodline.git (mirrored @ Sat, 01 Jun 2024 13:00:11 +0200)
This page took 0.132637 seconds and 4 git commands to generate.