diff options
| author | Nils Adermann <naderman@naderman.de> | 2007-03-31 16:44:18 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2007-03-31 16:44:18 +0000 |
| commit | a43416dbb2019980913fbb6449adbe2e6a3fbea9 (patch) | |
| tree | 25af7514cb7ae9e11480e1fa09e271024f456733 /phpBB/includes/auth/auth_db.php | |
| parent | c6b0b621651e52bccc778cd9d1e8cf8cf02bc2de (diff) | |
| download | forums-a43416dbb2019980913fbb6449adbe2e6a3fbea9.tar forums-a43416dbb2019980913fbb6449adbe2e6a3fbea9.tar.gz forums-a43416dbb2019980913fbb6449adbe2e6a3fbea9.tar.bz2 forums-a43416dbb2019980913fbb6449adbe2e6a3fbea9.tar.xz forums-a43416dbb2019980913fbb6449adbe2e6a3fbea9.zip | |
- acp popup, shouldn't require 700 px width
- throw an error if an image that's edited into an imageset doesn't exist
- convert the password not its hash ;-)
- only update user_login_attempts if necessary
- make password requirements even clearer
git-svn-id: file:///svn/phpbb/trunk@7250 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/auth/auth_db.php')
| -rw-r--r-- | phpBB/includes/auth/auth_db.php | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index afea47d1c1..ff073c1fb7 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -114,7 +114,7 @@ function login_db(&$username, &$password) } // cp1252 is phpBB2's default encoding, characters outside ASCII range might work when converted into that encoding - if (md5($password_old_format) == $row['user_password'] || utf8_to_cp1252(md5($password_old_format)) == $row['user_password']) + if (md5($password_old_format) == $row['user_password'] || md5(utf8_to_cp1252($password_old_format)) == $row['user_password']) { // Update the password in the users table to the new format and remove user_pass_convert flag $sql = 'UPDATE ' . USERS_TABLE . ' @@ -147,11 +147,14 @@ function login_db(&$username, &$password) // Check password ... if (!$row['user_pass_convert'] && md5($password) == $row['user_password']) { - // Successful, reset login attempts (the user passed all stages) - $sql = 'UPDATE ' . USERS_TABLE . ' - SET user_login_attempts = 0 - WHERE user_id = ' . $row['user_id']; - $db->sql_query($sql); + if ($row['user_login_attempts'] != 0) + { + // Successful, reset login attempts (the user passed all stages) + $sql = 'UPDATE ' . USERS_TABLE . ' + SET user_login_attempts = 0 + WHERE user_id = ' . $row['user_id']; + $db->sql_query($sql); + } // User inactive... if ($row['user_type'] == USER_INACTIVE || $row['user_type'] == USER_IGNORE) |