archive/piwigo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

bug 3223 fixed: make sure we have found a user before validating the connection

Browse source 
git-svn-id: http://piwigo.org/svn/branches/2.7@31167 68402e56-0260-453c-a942-63ccdbb3a9ee
This commit is contained in:
plegall 2015-05-15 12:44:57 +00:00
parent 42c04a1cb1
commit 32138f1fbd
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
include/functions_user.inc.php
View file

@ -1120,7 +1120,7 @@ SELECT '.$conf['user_fields']['id'].' AS id,
WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\'
;';
$row = pwg_db_fetch_assoc(pwg_query($query));
if ($conf['password_verify']($password, $row['password'], $row['id']))
if (isset($row['id']) and $conf['password_verify']($password, $row['password'], $row['id']))
{
log_user($row['id'], $remember_me);
trigger_notify('login_success', stripslashes($username));