diff options
| author | Nils Adermann <naderman@naderman.de> | 2006-10-13 22:10:18 +0000 |
|---|---|---|
| committer | Nils Adermann <naderman@naderman.de> | 2006-10-13 22:10:18 +0000 |
| commit | c65048bd9132175e9ba780457fdf00438932c5fe (patch) | |
| tree | f664b7b45b4fcd0bea7b1e41e03c03c683e03d6e /phpBB/includes/functions.php | |
| parent | 23d25ddcd169578b8fdf9ddbb35b5041ffbfd7ac (diff) | |
| download | forums-c65048bd9132175e9ba780457fdf00438932c5fe.tar forums-c65048bd9132175e9ba780457fdf00438932c5fe.tar.gz forums-c65048bd9132175e9ba780457fdf00438932c5fe.tar.bz2 forums-c65048bd9132175e9ba780457fdf00438932c5fe.tar.xz forums-c65048bd9132175e9ba780457fdf00438932c5fe.zip | |
- introducing clean usernames, needs to be tested more, I'm not sure I didn't miss anything
- homograph list should probably be extended
git-svn-id: file:///svn/phpbb/trunk@6494 89ea8834-ac86-4346-8a33-228a782c2dd0
Diffstat (limited to 'phpBB/includes/functions.php')
| -rw-r--r-- | phpBB/includes/functions.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/phpBB/includes/functions.php b/phpBB/includes/functions.php index 4fbac96fe2..b050b6f5a4 100644 --- a/phpBB/includes/functions.php +++ b/phpBB/includes/functions.php @@ -1830,14 +1830,14 @@ function login_box($redirect = '', $l_explain = '', $l_success = '', $admin = fa if (isset($_POST['login'])) { - $username = request_var('username', ''); - $password = request_var('password', ''); + $username = request_var('username', '', true); + $password = request_var('password', '', true); $autologin = (!empty($_POST['autologin'])) ? true : false; $viewonline = (!empty($_POST['viewonline'])) ? 0 : 1; $admin = ($admin) ? 1 : 0; // Check if the supplied username is equal to the one stored within the database if re-authenticating - if ($admin && utf8_strtolower($username) != utf8_strtolower($user->data['username'])) + if ($admin && utf8_clean_string($username) != utf8_clean_string($user->data['username'])) { // We log the attempt to use a different username... add_log('admin', 'LOG_ADMIN_AUTH_FAIL'); |