> Hi, > > After my last flurry of activity, I've not had time to work on vegadns > and have just come back to it after a few days. > > I found I couldn't log in. > > I traced the SQL queries and the password was getting md5 applied twice. > > This patch fixes that: > > --- vegadns-0.9.9.1/src/functions.php 2005-09-10 17:48:07.000000000 > +0100 > +++ vegadns-0.9.9.1-working/src/functions.php 2006-04-30 > 09:50:19.000000000 +0100 > @@ -35,7 +35,7 @@ > mysql_query("delete from active_sessions where time < $oldsessions"); > $result = mysql_query("select Email from accounts where > Email='".mysql_real_escape_string(strtolower($email))."' and > - Password='".md5($password)."' and > + Password='".$password."' and > Status='active' LIMIT 1") or die(mysql_error()); > $resultarray = mysql_fetch_array($result); > if($resultarray['Email'] != "") { > > R.
Thanks for all your feedback. I'll be back to work on this stuff early this week, and will review all the changes and get them tested and hopefully integrated. Regards, Bill