pref_users: do not escape password to prevent special character

author Andrew Dolgov <fox@madoka.volgo-balt.ru>

Wed, 27 Mar 2013 09:45:10 +0000 (13:45 +0400)

committer Andrew Dolgov <fox@madoka.volgo-balt.ru>

Wed, 27 Mar 2013 09:47:35 +0000 (13:47 +0400)
author Andrew Dolgov <fox@madoka.volgo-balt.ru>
Wed, 27 Mar 2013 09:45:10 +0000 (13:45 +0400)
committer Andrew Dolgov <fox@madoka.volgo-balt.ru>
Wed, 27 Mar 2013 09:47:35 +0000 (13:47 +0400)
diff --git a/classes/pref/users.php b/classes/pref/users.php

index 4055bca45d4234c54c64d9f6be03d2ee7c7dbf98..45260fd9332f260eee50c73969f04d5c207e2779 100644 (file)
--- a/classes/pref/users.php
+++ b/classes/pref/users.php
@@ -203,7 +203,7 @@ class Pref_Users extends Handler_Protected {
                         $uid = db_escape_string($this->link, $_REQUEST["id"]);
                         $access_level = (int) $_REQUEST["access_level"];
                         $email = db_escape_string($this->link, trim($_REQUEST["email"]));
-                       $password = db_escape_string($this->link, trim($_REQUEST["password"]));
+                       $password = $_REQUEST["password"];
  
                         if ($password) {
                                 $salt = substr(bin2hex(get_random_bytes(125)), 0, 250);
author	Andrew Dolgov <fox@madoka.volgo-balt.ru>
	Wed, 27 Mar 2013 09:45:10 +0000 (13:45 +0400)
committer	Andrew Dolgov <fox@madoka.volgo-balt.ru>
	Wed, 27 Mar 2013 09:47:35 +0000 (13:47 +0400)