From: Andrew Dolgov
Date: Tue, 22 Nov 2011 06:43:24 +0000 (+0400)
Subject: properly escape login and password in login_sequence() (refs #392)
X-Git-Tag: 1.5.7~2
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=92decf4f2ddb0c822e8d333ae66f4014f0bee253;p=tt-rss.git

properly escape login and password in login_sequence() (refs #392)
---
diff --git a/functions.php b/functions.php
index 49875085..10f8e034 100644
--- a/functions.php
+++ b/functions.php
@@ -2110,8 +2110,8 @@
 # try to authenticate user if called from login form
 if ($login_action == "do_login") {
- $login = $_POST["login"];
- $password = $_POST["password"];
+ $login = db_escape_string($_POST["login"]);
+ $password = db_escape_string($_POST["password"]);
 $remember_me = $_POST["remember_me"];
 if (authenticate_user($link, $login, $password)) {
diff --git a/modules/pref-prefs.php b/modules/pref-prefs.php
index 838c722c..2ab79db0 100644
--- a/modules/pref-prefs.php
+++ b/modules/pref-prefs.php
@@ -21,9 +21,9 @@
 if ($subop == "change-password") {
- $old_pw = $_POST["old_password"];
- $new_pw = $_POST["new_password"];
- $con_pw = $_POST["confirm_password"];
+ $old_pw = db_escape_string($_POST["old_password"]);
+ $new_pw = db_escape_string($_POST["new_password"]);
+ $con_pw = db_escape_string($_POST["confirm_password"]);
 if ($old_pw == "") {
 print "ERROR: ".__("Old password cannot be blank.");
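Review bot: The escaped `$password` is handed straight to `authenticate_user($link, $login, $password)`, so the SQL-escaped form of the password, not the password the user typed, is what gets verified; if authenticate_user hashes or compares the value before it ever reaches a query (not visible in this hunk), a password containing a quote or backslash now verifies against a different string than before, and the same coupling appears in the pref-prefs.php hunk, where the escaped `$old_pw`/`$new_pw` are what the change-password path stores and checks. Escaping is a property of the SQL statement, not of the credential, so the safer shape is to keep the raw values here and escape (or better, bind as a parameter) at the point where authenticate_user and the password-update query build their SQL; both hunks would then revert to the plain `$_POST` reads. If the escape-at-input approach is kept on purpose, a comment such as `// NOTE: password is db-escaped before hashing/comparison; login and change-password must stay consistent` on the `$password` line would stop a later refactor of one path silently locking out users with such characters. The unchanged `$remember_me = $_POST["remember_me"];` presumably is only tested for truthiness, but the hunk does not show how it is used. The enclosing function in functions.php continues outside the hunk.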