kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Allowing only Letters and numberes on sql password

This commit is contained in:
Steven Mondji-Lerider 2012-09-10 09:00:17 +00:00
parent 7099ef1081
commit 1f13677bc1
2 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
bureau/admin/sql_users_dopassword.php
View File

@ -36,7 +36,10 @@ $fields = array (
getFields($fields); getFields($fields);
$mysql->change_user_password($id,$password,$passwordconf); $mysql->change_user_password($id,$password,$passwordconf);
$error=$err->errstr();
include("sql_users_list.php"); if(isset($error) && $error){
include("sql_users_password.php");
}else{
include("sql_users_list.php");
}
?> ?>

4
bureau/class/m_mysql.php
View File

@ -696,6 +696,10 @@ class m_mysql {
$usern=trim($usern); $usern=trim($usern);
$user=addslashes($usern); $user=addslashes($usern);
if(!preg_match("#^[0-9a-zA-Z_]*$#",$password)) {
$err->raise("mysql",_("Database password can contain only letters numbers and underscore."));
return false;
}
$pass=addslashes($password); $pass=addslashes($password);
if ($password != $passconf || !$password) { if ($password != $passconf || !$password) {
$err->raise("mysql",_("The passwords do not match.")); $err->raise("mysql",_("The passwords do not match."));