summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--application/models/muser.php10
1 files changed, 9 insertions, 1 deletions
diff --git a/application/models/muser.php b/application/models/muser.php
index e9a38cfad..10d67e18f 100644
--- a/application/models/muser.php
+++ b/application/models/muser.php
@@ -21,7 +21,15 @@ class Muser extends CI_Model {
WHERE `username` = ?
', array($username))->row_array();
- if (crypt($password, $query["password"] == $password)) {
+ if (!isset($query["username"]) || $query["username"] !== $username) {
+ return false;
+ }
+
+ if (!isset($query["password"])) {
+ return false;
+ }
+
+ if (crypt($password, $query["password"]) === $query["password"]) {
$this->session->set_userdata('logged_in', true);
$this->session->set_userdata('username', $username);
return true;