onokazu
onoka****@users*****
2005年 6月 30日 (木) 01:40:24 JST
Index: xoops2jp/html/include/checklogin.php
diff -u xoops2jp/html/include/checklogin.php:1.2.6.1 xoops2jp/html/include/checklogin.php:1.2.6.1.2.1
--- xoops2jp/html/include/checklogin.php:1.2.6.1 Thu Mar 31 00:49:04 2005
+++ xoops2jp/html/include/checklogin.php Thu Jun 30 01:40:23 2005
@@ -1,5 +1,5 @@
<?php
-// $Id: checklogin.php,v 1.2.6.1 2005/03/30 15:49:04 onokazu Exp $
+// $Id: checklogin.php,v 1.2.6.1.2.1 2005/06/29 16:40:23 onokazu Exp $
// ------------------------------------------------------------------------ //
// XOOPS - PHP Content Management System //
// Copyright (c) 2000 XOOPS.org //
@@ -33,15 +33,15 @@
exit();
}
include_once XOOPS_ROOT_PATH.'/language/'.$xoopsConfig['language'].'/user.php';
-$uname = !isset($_POST['uname']) ? '' : trim($_POST['uname']);
-$pass = !isset($_POST['pass']) ? '' : trim($_POST['pass']);
+$myts =& MyTextsanitizer::getInstance();
+$uname = !isset($_POST['uname']) ? '' : $myts->stripSlashesGPC(trim($_POST['uname']));
+$pass = !isset($_POST['pass']) ? '' : $myts->stripSlashesGPC(trim($_POST['pass']));
if ($uname == '' || $pass == '') {
redirect_header(XOOPS_URL.'/user.php', 1, _US_INCORRECTLOGIN);
exit();
}
$member_handler =& xoops_gethandler('member');
-$myts =& MyTextsanitizer::getInstance();
-$user =& $member_handler->loginUser(addslashes($myts->stripSlashesGPC($uname)), addslashes($myts->stripSlashesGPC($pass)));
+$user =& $member_handler->loginUser($uname, $pass);
if (false != $user) {
if (0 == $user->getVar('level')) {
redirect_header(XOOPS_URL.'/index.php', 5, _US_NOACTTPADM);