harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

stronger type checking on comparisons

Browse Source
This commit is contained in:
Mike Macgirvin
2010-09-26 17:24:20 -07:00
parent 1105cdb065
commit 34eedb503a
19 changed files with 64 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
include/auth.php
View File

@@ -2,8 +2,8 @@
// login/logout
if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] == 'login'))) {
if($_POST['auth-params'] == 'logout' || $a->module == "logout") {
if((x($_SESSION,'authenticated')) && (! ($_POST['auth-params'] === 'login'))) {
if($_POST['auth-params'] === 'logout' || $a->module === 'logout') {
unset($_SESSION['authenticated']);
unset($_SESSION['uid']);
unset($_SESSION['visitor_id']);
@@ -46,7 +46,7 @@ else {
$encrypted = hash('whirlpool',trim($_POST['password']));
if((x($_POST,'auth-params')) && $_POST['auth-params'] == 'login') {
if((x($_POST,'auth-params')) && $_POST['auth-params'] === 'login') {
$r = q("SELECT * FROM `user`
WHERE `email` = '%s' AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1",
dbesc(trim($_POST['login-name'])),