kashire/lainchan
4
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Security: capitalization of mods username is significant

Browse Source
This commit is contained in:
8chan Admin 2014-02-13 01:04:32 +00:00 committed by czaks
parent d310abc95c
commit 93f748e6a8
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inc/mod/auth.php
View File

@ -76,7 +76,7 @@ function generate_salt() {
function login($username, $password) {
global $mod, $config;
$query = prepare("SELECT `id`, `type`, `boards`, `password`, `version` FROM ``mods`` WHERE `username` = :username");
$query = prepare("SELECT `id`, `type`, `boards`, `password`, `version` FROM ``mods`` WHERE BINARY `username` = :username");
$query->bindValue(':username', $username);
$query->execute() or error(db_error($query));