diff options
author | plegall <plg@piwigo.org> | 2015-05-15 12:44:57 +0000 |
---|---|---|
committer | plegall <plg@piwigo.org> | 2015-05-15 12:44:57 +0000 |
commit | 32138f1fbd7637dffaaad0c8ca677e43a0d13831 (patch) | |
tree | b4cbd60a6fd0046179bfba5a85009475cf78c46d /include | |
parent | 42c04a1cb18b52b2a828fded23e413356fcf37a8 (diff) |
bug 3223 fixed: make sure we have found a user before validating the connection
git-svn-id: http://piwigo.org/svn/branches/2.7@31167 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include')
-rw-r--r-- | include/functions_user.inc.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 91bac83bb..96361930a 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -1120,7 +1120,7 @@ SELECT '.$conf['user_fields']['id'].' AS id, WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;'; $row = pwg_db_fetch_assoc(pwg_query($query)); - if ($conf['password_verify']($password, $row['password'], $row['id'])) + if (isset($row['id']) and $conf['password_verify']($password, $row['password'], $row['id'])) { log_user($row['id'], $remember_me); trigger_notify('login_success', stripslashes($username)); |