From 28e23308d4e15c8883b8c36b24e4395487004d95 Mon Sep 17 00:00:00 2001
From: jchu <jchu>
Date: Fri, 21 Jan 2005 14:50:25 +0000
Subject: added hashed passwords

---
 web/html/index.php | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'web/html/index.php')

diff --git a/web/html/index.php b/web/html/index.php
index 5814fec9..033a69e6 100644
--- a/web/html/index.php
+++ b/web/html/index.php
@@ -19,7 +19,10 @@ if (isset($_REQUEST["user"]) || isset($_REQUEST["pass"])) {
 	if (!$login_error) {
 		# Try and authenticate the user
 		#
-		$dbh = db_connect();
+    
+    #md5 hash it
+		$_REQUEST["pass"] = md5($_REQUEST["pass"]);
+    $dbh = db_connect();
 		$q = "SELECT ID, Suspended FROM Users ";
 		$q.= "WHERE Username = '" . mysql_escape_string($_REQUEST["user"]) . "' ";
 		$q.= "AND Passwd = '" . mysql_escape_string($_REQUEST["pass"]) . "'";
-- 
cgit v1.2.3-24-g4f1b