From 32138f1fbd7637dffaaad0c8ca677e43a0d13831 Mon Sep 17 00:00:00 2001 From: plegall Date: Fri, 15 May 2015 12:44:57 +0000 Subject: bug 3223 fixed: make sure we have found a user before validating the connection git-svn-id: http://piwigo.org/svn/branches/2.7@31167 68402e56-0260-453c-a942-63ccdbb3a9ee --- include/functions_user.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/functions_user.inc.php') diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php index 91bac83bb..96361930a 100644 --- a/include/functions_user.inc.php +++ b/include/functions_user.inc.php @@ -1120,7 +1120,7 @@ SELECT '.$conf['user_fields']['id'].' AS id, WHERE '.$conf['user_fields']['username'].' = \''.pwg_db_real_escape_string($username).'\' ;'; $row = pwg_db_fetch_assoc(pwg_query($query)); - if ($conf['password_verify']($password, $row['password'], $row['id'])) + if (isset($row['id']) and $conf['password_verify']($password, $row['password'], $row['id'])) { log_user($row['id'], $remember_me); trigger_notify('login_success', stripslashes($username)); -- cgit v1.2.3