From 5081319e23daad80694701866e7aa0297f02ca53 Mon Sep 17 00:00:00 2001 From: Andrew Dolgov Date: Fri, 27 Jan 2012 12:27:27 +0400 Subject: [PATCH] authenticate_user: check for missing login when selecting salt --- include/functions.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/functions.php b/include/functions.php index 3ace20f8..44331d72 100644 --- a/include/functions.php +++ b/include/functions.php @@ -715,6 +715,10 @@ $result = db_query($link, "SELECT salt FROM ttrss_users WHERE login = '$login'"); + if (db_num_rows($result) != 1) { + return false; + } + $salt = db_fetch_result($result, 0, "salt"); if ($salt == "") { -- 2.39.5