auth/sql.php

mailling@bigfoot.com mailling@bigfoot.com
Wed, 18 Jul 2001 19:18:25 -0500

Previous message: [dev] xhtml
Next message: [dev] auth/sql.php
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I tried to add a user, and it seems that in the code of the add method, a 
quote is missing for the userid
we need to repleace:
         $query .= 'VALUES (' . $this->db->quoteString($userID) . ", '" . 
md5($credentials['password']) . "')";
by:
         $query .= 'VALUES ("' . $this->db->quoteString($userID) . '", "' . 
md5($credentials['password']) . '")";
or:
          $query .= sprintf("VALUES ('%s', '%s' )", 
$this->db->quoteString($userID), md5($credentials['password'] ));

Maybe be easier to get for the quotes?

Previous message: [dev] xhtml
Next message: [dev] auth/sql.php
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]