From c9d771f7767a3e640e29c8317d1ac81be7c97b7e Mon Sep 17 00:00:00 2001 From: fisharebest Date: Tue, 20 Sep 2011 08:01:02 +0000 Subject: #849753 - Inconsistent password sanitation --- login.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'login.php') diff --git a/login.php b/login.php index 7c366bd874..8a59958080 100644 --- a/login.php +++ b/login.php @@ -21,7 +21,7 @@ // along with this program; if not, write to the Free Software // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // -// @version $Id$ +// $Id$ define('WT_SCRIPT_NAME', 'login.php'); require './includes/session.php'; @@ -31,7 +31,7 @@ $url =safe_POST('url', WT_REGEX_URL); $type =safe_POST('type', array('full', 'simple')); $action =safe_POST('action'); $username =safe_POST('username', WT_REGEX_USERNAME); -$password =safe_POST('password', WT_REGEX_PASSWORD); +$password =safe_POST('password', WT_REGEX_UNSAFE); // Can use any password that was previously stored $usertime =safe_POST('usertime'); $pid =safe_POST('pid', WT_REGEX_XREF); $ged =safe_POST('ged', preg_quote_array(get_all_gedcoms()), $GEDCOM); -- cgit v1.3