diff options
Diffstat (limited to 'application')
-rw-r--r-- | application/models/muser.php | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/application/models/muser.php b/application/models/muser.php index e9a38cfad..10d67e18f 100644 --- a/application/models/muser.php +++ b/application/models/muser.php @@ -21,7 +21,15 @@ class Muser extends CI_Model { WHERE `username` = ? ', array($username))->row_array(); - if (crypt($password, $query["password"] == $password)) { + if (!isset($query["username"]) || $query["username"] !== $username) { + return false; + } + + if (!isset($query["password"])) { + return false; + } + + if (crypt($password, $query["password"]) === $query["password"]) { $this->session->set_userdata('logged_in', true); $this->session->set_userdata('username', $username); return true; |