diff options
Diffstat (limited to 'phpBB/includes/auth/auth_db.php')
| -rw-r--r-- | phpBB/includes/auth/auth_db.php | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/phpBB/includes/auth/auth_db.php b/phpBB/includes/auth/auth_db.php index 402f22f827..2744b16c53 100644 --- a/phpBB/includes/auth/auth_db.php +++ b/phpBB/includes/auth/auth_db.php @@ -100,9 +100,15 @@ function login_db(&$username, &$password) /*if ($row['user_pass_convert']) { // in phpBB2 passwords were used exactly as they were sent, with addslashes applied + $disabled = request::super_globals_disabled(); + request::enable_super_globals(); $password_old_format = isset($_REQUEST['password']) ? (string) $_REQUEST['password'] : ''; $password_old_format = (!STRIP) ? addslashes($password_old_format) : $password_old_format; $password_new_format = ''; + if ($disabled) + { + request::disable_super_globals(); + } set_var($password_new_format, stripslashes($password_old_format), 'string'); |