]> git.wh0rd.org Git - tt-rss.git/commitdiff
pref_users: do not escape password to prevent special character
authorAndrew Dolgov <fox@madoka.volgo-balt.ru>
Wed, 27 Mar 2013 09:45:10 +0000 (13:45 +0400)
committerAndrew Dolgov <fox@madoka.volgo-balt.ru>
Wed, 27 Mar 2013 09:47:35 +0000 (13:47 +0400)
mishandling; remove inconsistent trimming of passwords

classes/pref/users.php

index 4055bca45d4234c54c64d9f6be03d2ee7c7dbf98..45260fd9332f260eee50c73969f04d5c207e2779 100644 (file)
@@ -203,7 +203,7 @@ class Pref_Users extends Handler_Protected {
                        $uid = db_escape_string($this->link, $_REQUEST["id"]);
                        $access_level = (int) $_REQUEST["access_level"];
                        $email = db_escape_string($this->link, trim($_REQUEST["email"]));
-                       $password = db_escape_string($this->link, trim($_REQUEST["password"]));
+                       $password = $_REQUEST["password"];
 
                        if ($password) {
                                $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);