ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
tbrehm
2011-04-26 80e3c9acf3fc9b6d15ea4fea7c89e0a2e12db412 
 interface/web/login/index.php


@@ -106,21 +106,27 @@


              if($alreadyfailed['times'] > 5) {


                 $error = $app->lng('error_user_too_many_logins');


              } else {


	        		


               if ($loginAs){


                    $sql = "SELECT * FROM sys_user WHERE USERNAME = '$username' and PASSWORT = '". $passwort. "'";


                  $user = $app->db->queryOneRecord($sql);


               } else {


                    $sql = "SELECT * FROM sys_user WHERE USERNAME = '$username'";


                  $user = $app->db->queryOneRecord($sql);




                  if($user && $user['active'] == 1) {


							


                     $saved_password = stripslashes($user['passwort']);


							


                     if(substr($saved_password,0,3) == '$1$') {


                        //* The password is crypt-md5 encrypted


                        $salt = '$1$'.substr($saved_password,3,8).'$';


								


                        if(crypt($passwort,$salt) != $saved_password) {


                           $user = false;


                        }


                     } else {


								


                        //* The password is md5 encrypted


                        if(md5($passwort) != $saved_password) {


                           $user = false;