jeroen/opensmtpdadmin
1
0
Fork 0
Code Pull Requests Releases Activity

Update login.php and users/login.php: change filtering technique

Browse Source
This commit is contained in:
Jeroen 2022-08-22 21:42:21 +02:00
parent 5c0734b7ab
commit 33dcfbd68e
Signed by: jeroen
GPG Key ID: 7C7028F783798BAB
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
login.php
View File

@ -26,7 +26,7 @@ require("./functions.inc.php");
include("./languages/" . check_language () . ".lang"); include("./languages/" . check_language () . ".lang");
if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fUsername = escape_string ($_POST['fUsername']); $fUsername = filter_input(INPUT_POST, 'fUsername', FILTER_VALIDATE_EMAIL);
$fPassword = escape_string ($_POST['fPassword']); $fPassword = escape_string ($_POST['fPassword']);
$result = db_query("SELECT password FROM admin WHERE username='$fUsername' AND active='1'"); $result = db_query("SELECT password FROM admin WHERE username='$fUsername' AND active='1'");

2
users/login.php
View File

@ -26,7 +26,7 @@ require("../functions.inc.php");
include("../languages/" . check_language() . ".lang"); include("../languages/" . check_language() . ".lang");
if ($_SERVER['REQUEST_METHOD'] == "POST") { if ($_SERVER['REQUEST_METHOD'] == "POST") {
$fUsername = escape_string($_POST['fUsername']); $fUsername = filter_input(INPUT_POST, 'fUsername', FILTER_VALIDATE_EMAIL);
$fPassword = escape_string($_POST['fPassword']); $fPassword = escape_string($_POST['fPassword']);
$result = db_query("SELECT password FROM mailbox WHERE username='$fUsername' AND active='1'"); $result = db_query("SELECT password FROM mailbox WHERE username='$fUsername' AND active='1'");