From 28e23308d4e15c8883b8c36b24e4395487004d95 Mon Sep 17 00:00:00 2001 From: jchu Date: Fri, 21 Jan 2005 14:50:25 +0000 Subject: added hashed passwords --- web/html/index.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'web/html') diff --git a/web/html/index.php b/web/html/index.php index 5814fec9..033a69e6 100644 --- a/web/html/index.php +++ b/web/html/index.php @@ -19,7 +19,10 @@ if (isset($_REQUEST["user"]) || isset($_REQUEST["pass"])) { if (!$login_error) { # Try and authenticate the user # - $dbh = db_connect(); + + #md5 hash it + $_REQUEST["pass"] = md5($_REQUEST["pass"]); + $dbh = db_connect(); $q = "SELECT ID, Suspended FROM Users "; $q.= "WHERE Username = '" . mysql_escape_string($_REQUEST["user"]) . "' "; $q.= "AND Passwd = '" . mysql_escape_string($_REQUEST["pass"]) . "'"; -- cgit v1.2.3-24-g4f1b