diff options
| author | fisharebest <fisharebest@gmail.com> | 2011-09-20 08:01:02 +0000 |
|---|---|---|
| committer | fisharebest <fisharebest@gmail.com> | 2011-09-20 08:01:02 +0000 |
| commit | c9d771f7767a3e640e29c8317d1ac81be7c97b7e (patch) | |
| tree | 55c67d75f221cd09d7b31b5bce486bd8648865f9 /login.php | |
| parent | 791fbb63c5f9f74331d9e77dcbd52fbf29115761 (diff) | |
| download | webtrees-c9d771f7767a3e640e29c8317d1ac81be7c97b7e.tar.gz webtrees-c9d771f7767a3e640e29c8317d1ac81be7c97b7e.tar.bz2 webtrees-c9d771f7767a3e640e29c8317d1ac81be7c97b7e.zip | |
#849753 - Inconsistent password sanitation
Diffstat (limited to 'login.php')
| -rw-r--r-- | login.php | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -21,7 +21,7 @@ // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // -// @version $Id$ +// $Id$ define('WT_SCRIPT_NAME', 'login.php'); require './includes/session.php'; @@ -31,7 +31,7 @@ $url =safe_POST('url', WT_REGEX_URL); $type =safe_POST('type', array('full', 'simple')); $action =safe_POST('action'); $username =safe_POST('username', WT_REGEX_USERNAME); -$password =safe_POST('password', WT_REGEX_PASSWORD); +$password =safe_POST('password', WT_REGEX_UNSAFE); // Can use any password that was previously stored $usertime =safe_POST('usertime'); $pid =safe_POST('pid', WT_REGEX_XREF); $ged =safe_POST('ged', preg_quote_array(get_all_gedcoms()), $GEDCOM); |
