From 0f3e30ba49a0ecdce3b731dfd2cc6ef7d50d2e9d Mon Sep 17 00:00:00 2001 From: niekt0 Date: Thu, 13 Jan 2011 17:53:50 +0100 Subject: [PATCH] security fix (sqli) --- wwwroot/inc/eventz/reset_password.inc | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/wwwroot/inc/eventz/reset_password.inc b/wwwroot/inc/eventz/reset_password.inc index 0f657e4..ade11ee 100644 --- a/wwwroot/inc/eventz/reset_password.inc +++ b/wwwroot/inc/eventz/reset_password.inc @@ -1,11 +1,11 @@ query($q); - require(INCLUDE_DIR.'ldap.inc'); - LDAPuser::change_pass_forced($user_id,$password1); +// require(INCLUDE_DIR.'ldap.inc'); +// LDAPuser::change_pass_forced($user_id,$password1); $error="Password changed. Now you can login with your new password."; return false; -- 2.30.2