stripslashes und erlaube Anführungszeichen im Passwort
bernd commited on 2007-11-16 16:36:04
Zeige 2 geänderte Dateien mit 5 Einfügungen und 3 Löschungen.
git-svn-id: https://svn.schokokeks.org/repos/tools/webinterface/trunk@788 87cf0b9e-d624-0410-a070-f6ee81989793
- modules/jabber/include/jabberaccounts.php 2a7e59f..611746c
- modules/jabber/save.php 75da04a..25a2229
| ... | ... |
@@ -44,9 +44,11 @@ function get_jabberaccount_details($id) |
| 44 | 44 |
function valid_jabber_password($pass) |
| 45 | 45 |
{
|
| 46 | 46 |
// Hier könnten erweiterte Checks stehen wenn nötig. |
| 47 |
- $foo = ereg_replace('["\']', '', $pass);
|
|
| 47 |
+ /*$foo = ereg_replace('["\']', '', $pass);
|
|
| 48 | 48 |
DEBUG("\$foo = {$foo} / \$pass = {$pass}");
|
| 49 | 49 |
return ($foo == $pass); |
| 50 |
+ */ |
|
| 51 |
+ return true; |
|
| 50 | 52 |
} |
| 51 | 53 |
|
| 52 | 54 |
|
| ... | ... |
@@ -23,7 +23,7 @@ if ($_GET['action'] == 'new') |
| 23 | 23 |
} |
| 24 | 24 |
else |
| 25 | 25 |
{
|
| 26 |
- create_jabber_account($_POST['local'], $_POST['domain'], $_POST['password']); |
|
| 26 |
+ create_jabber_account($_POST['local'], $_POST['domain'], stripslashes($_POST['password'])); |
|
| 27 | 27 |
if (! $debugmode) |
| 28 | 28 |
header('Location: accounts.php');
|
| 29 | 29 |
} |
| ... | ... |
@@ -41,7 +41,7 @@ elseif ($_GET['action'] == 'chpass') |
| 41 | 41 |
} |
| 42 | 42 |
else |
| 43 | 43 |
{
|
| 44 |
- change_jabber_password($_POST['accountid'], $_POST['newpass']); |
|
| 44 |
+ change_jabber_password($_POST['accountid'], stripslashes($_POST['newpass'])); |
|
| 45 | 45 |
if (! $debugmode) |
| 46 | 46 |
header('Location: accounts.php');
|
| 47 | 47 |
} |
| 48 | 48 |