summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--login.php4
-rw-r--r--login_register.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/login.php b/login.php
index 7c366bd874..8a59958080 100644
--- a/login.php
+++ b/login.php
@@ -21,7 +21,7 @@
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
//
-// @version $Id$
+// $Id$
define('WT_SCRIPT_NAME', 'login.php');
require './includes/session.php';
@@ -31,7 +31,7 @@ $url =safe_POST('url', WT_REGEX_URL);
$type =safe_POST('type', array('full', 'simple'));
$action =safe_POST('action');
$username =safe_POST('username', WT_REGEX_USERNAME);
-$password =safe_POST('password', WT_REGEX_PASSWORD);
+$password =safe_POST('password', WT_REGEX_UNSAFE); // Can use any password that was previously stored
$usertime =safe_POST('usertime');
$pid =safe_POST('pid', WT_REGEX_XREF);
$ged =safe_POST('ged', preg_quote_array(get_all_gedcoms()), $GEDCOM);
diff --git a/login_register.php b/login_register.php
index 51e0a68eb4..6637c45552 100644
--- a/login_register.php
+++ b/login_register.php
@@ -21,7 +21,7 @@
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
//
-// @version $Id$
+// $Id$
define('WT_SCRIPT_NAME', 'login_register.php');
require './includes/session.php';
@@ -40,7 +40,7 @@ $user_password02=safe_POST('user_password02', WT_REGEX_PASSWORD);
$user_language =safe_POST('user_language', array_keys(WT_I18N::installed_languages()), WT_LOCALE);
$user_gedcomid =safe_POST('user_gedcomid');
$user_comments =safe_POST('user_comments');
-$user_password =safe_POST('user_password');
+$user_password =safe_POST('user_password', WT_REGEX_UNSAFE); // Can use any password that was previously stored
$user_hashcode =safe_POST('user_hashcode');
if (empty($action)) $action = safe_GET('action');
if (empty($user_name)) $user_name = safe_GET('user_name', WT_REGEX_USERNAME);