svn commit: r295 - trunk/mapbender/http/php/mod_changePassword.php
uli at osgeo.org
uli at osgeo.org
Tue May 16 03:12:27 EDT 2006
Author: uli
Date: 2006-05-16 07:12:27+0000
New Revision: 295
Modified:
trunk/mapbender/http/php/mod_changePassword.php
Log:
db_preb_query included
Modified: trunk/mapbender/http/php/mod_changePassword.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_changePassword.php?view=diff&rev=295&p1=trunk/mapbender/http/php/mod_changePassword.php&p2=trunk/mapbender/http/php/mod_changePassword.php&r1=294&r2=295
==============================================================================
--- trunk/mapbender/http/php/mod_changePassword.php (original)
+++ trunk/mapbender/http/php/mod_changePassword.php 2006-05-16 07:12:27+0000
@@ -113,26 +113,36 @@
/* handle INSERT and DELETE */
if($upd){
- $sql_user_id = "SELECT mb_user_id FROM mb_user WHERE mb_user_id='".$logged_user_id."';";
- $res_user_id = db_query($sql_user_id);
+ $sql_user_id = "SELECT mb_user_id FROM mb_user WHERE mb_user_id = $1 ";
+ $v = array($logged_user_id);
+ $t = array('i');
+ $res_user_id = db_prep_query($sql_user_id,$v,$t);
$real_user_id = db_result($res_user_id,0,"mb_user_id");
- $sql_password = "SELECT mb_user_password,mb_user_password='".$newpassword."' as new FROM mb_user where mb_user_id='".$real_user_id."'";
- $res_password = db_query($sql_password);
+ $sql_password = "SELECT mb_user_password, mb_user_password = $1 as new FROM mb_user where mb_user_id = $2";
+ $v = array($newpassword,$real_user_id);
+ $t = array('s','i');
+ $res_password = db_prep_query($sql_password,$v,$t);
if(db_result($res_password,0,"mb_user_password") != db_result($res_password,0,"new")){
- $sql_update = "UPDATE mb_user SET mb_user_password=";
+ $v = array();
+ $t = array();
+ $sql_update = "UPDATE mb_user SET mb_user_password = ";
if (SYS_DBTYPE=="mysql"){
- $sql_update.= "password('".$newpassword."')";
+ $sql_update.= "password($1)";
}
else{
if (MD5 == 'false'){
- $sql_update .= "'".$newpassword."'";
+ $sql_update .= "$1";
}
else{
- $sql_update .= "md5('".$newpassword."')";
+ $sql_update .= "md5($1)";
}
}
- $sql_update .= " WHERE mb_user_id='".$real_user_id."'";
- db_query($sql_update);
+ array_push($v,$newpassword);
+ array_push($t,'s');
+ $sql_update .= " WHERE mb_user_id = $2 ";
+ array_push($v,$real_user_id);
+ array_push($t,'i');
+ db_prep_query($sql_update,$v,$t);
echo "<script language='javascript'>";
//echo "alert('Passwort wurde geändert!');";
echo "alert('Password has been updated!');";
More information about the Mapbender_commits
mailing list