From 80e3c9acf3fc9b6d15ea4fea7c89e0a2e12db412 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 26 Apr 2011 06:41:58 -0400
Subject: [PATCH] - Improved nginx reverse proxy support. - Added UFW firewall support.

---
 interface/web/login/index.php |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/interface/web/login/index.php b/interface/web/login/index.php
index be91708..9216f79 100644
--- a/interface/web/login/index.php
+++ b/interface/web/login/index.php
@@ -106,21 +106,27 @@
 	        	if($alreadyfailed['times'] > 5) {
 	        		$error = $app->lng('error_user_too_many_logins');
 	        	} else {
+	        		
 					if ($loginAs){
 			        	$sql = "SELECT * FROM sys_user WHERE USERNAME = '$username' and PASSWORT = '". $passwort. "'";
 						$user = $app->db->queryOneRecord($sql);
 					} else {
 			        	$sql = "SELECT * FROM sys_user WHERE USERNAME = '$username'";
 						$user = $app->db->queryOneRecord($sql);
+
 						if($user && $user['active'] == 1) {
+							
 							$saved_password = stripslashes($user['passwort']);
+							
 							if(substr($saved_password,0,3) == '$1$') {
 								//* The password is crypt-md5 encrypted
 								$salt = '$1$'.substr($saved_password,3,8).'$';
+								
 								if(crypt($passwort,$salt) != $saved_password) {
 									$user = false;
 								}
 							} else {
+								
 								//* The password is md5 encrypted
 								if(md5($passwort) != $saved_password) {
 									$user = false;

--
Gitblit v1.9.1