Changeset 65 for trunk


Ignore:
Timestamp:
Feb 5, 2009, 11:03:01 AM (16 years ago)
Author:
george
Message:
  • Opraveno: Kontrola přes haš funkci SHA1 nefungovala všude správně.
Location:
trunk
Files:
6 edited

Legend:

Unmodified
Added
Removed
  • trunk/dictionary.php

    r63 r65  
    2222  {
    2323    $User = $_SESSION['User'];
    24     $Pass = $_SESSION['Pass'];
     24    $Line = mysql_fetch_assoc($Database->SQLCommand("SELECT sha1('".$_SESSION['Pass']."') as pass;"));
     25    $Pass = $Line['pass'];
    2526   
    26     $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE LOWER(user) = LOWER('$User')"));
     27    $Line = mysql_fetch_assoc($Database->SQLCommand("SELECT * FROM user WHERE LOWER(user) = LOWER('$User')"));
    2728    if(!$Line)
    2829        {
     
    3738        } else return false;
    3839      } 
    39       if($Line['pass'] == sha1($Pass))
     40      if($Line['pass'] == $Pass)
    4041          {
    4142             
  • trunk/includes/global.php

    r63 r65  
    157157{
    158158  $_SESSION['User'] = $_POST['LoginUser'];
    159   $_SESSION['Pass'] = sha1($_POST['LoginPass']);
    160 
    161   $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE LOWER(user) = LOWER('".$_SESSION['User']."') AND pass = '".$_SESSION['Pass']."'"));
     159  $_SESSION['Pass'] = $_POST['LoginPass'];
     160
     161  $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE LOWER(user) = LOWER('".$_SESSION['User']."') AND pass = sha1('".$_SESSION['Pass']."')"));
    162162  if(!$Line)
    163163  {
  • trunk/includes/global_function.php

    r63 r65  
    7676    $Pass = $_SESSION['Pass'];
    7777    $Line = mysql_fetch_array($Database->SQLCommand('SELECT * FROM user WHERE ID = '.$_SESSION['UserID'].'
    78       AND GM >= '.$Licence.' AND pass = "'.$Pass.'"'));
     78      AND GM >= '.$Licence.' AND pass = sha1("'.$Pass.'")'));
    7979    //  echo "SELECT * FROM user WHERE ID = ".$_SESSION['UserID']." AND GM <= $Licence AND pass = '$Pass'";
    8080    return($Line);
  • trunk/registrace.php

    r63 r65  
    2323     
    2424      $_SESSION['User'] = $User;
    25       $_SESSION['Pass'] = sha1($Pass);
     25      $_SESSION['Pass'] = $Pass;
    2626   
    2727      $Line = mysql_fetch_array($Database->SQLCommand("SELECT ID FROM user WHERE user = '".$_SESSION['User']."'"));
  • trunk/save.php

    r54 r65  
    22
    33include('includes/global.php');
    4 
    54
    65// Ochrana proti neoprávněnému přístupu
  • trunk/sql/updates/64.sql

    r64 r65  
    6666ADD `Description` TEXT NOT NULL AFTER `Name` ;
    6767
     68INSERT INTO `group` (`Id`, `Name`, `TablePrefix`, `MangosDatabase`, `MangosTable`, `MangosTableIndex`, `DBCFileName`, `DBCColumns`) VALUES
     69(12, 'Herní tipy', 'gametips', '', '', '', 'GameTips', 'usuuuuuuuuuuuuuuuu'),
     70(13, 'Kouzla', 'spell', '', '', '', 'Spell', 'uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuusssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu');
     71
     72
    6873INSERT INTO `group_item` (`Id`, `Group`, `Name`, `Column`, `MangosColumn`, `AddonFileName`, `DBCColumnIndex`) VALUES
    6974(42, 12, 'Text', 'Text', '', '', 1),
Note: See TracChangeset for help on using the changeset viewer.