svn commit: r368 - trunk/mapbender/http/php/mod_editSelf.php

[uli at osgeo.org]

Author: uli
Date: 2006-05-31 06:15:17+0000
New Revision: 368

Modified:
   trunk/mapbender/http/php/mod_editSelf.php

Log:
md5 string for passwords

Modified: trunk/mapbender/http/php/mod_editSelf.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/php/mod_editSelf.php?view=diff&rev=368&p1=trunk/mapbender/http/php/mod_editSelf.php&p2=trunk/mapbender/http/php/mod_editSelf.php&r1=367&r2=368
==============================================================================
--- trunk/mapbender/http/php/mod_editSelf.php	(original)
+++ trunk/mapbender/http/php/mod_editSelf.php	2006-05-31 06:15:17+0000
@@ -148,20 +148,8 @@
    else{
 		$sql = "Insert INTO mb_user (mb_user_name, mb_user_password,mb_user_owner, mb_user_description,";
 		$sql .= " mb_user_email, mb_user_phone, mb_user_department, mb_user_resolution) VALUES ";
-		$sql.= "($1, ";		
-		if(SYS_DBTYPE == "mysql") {
-			$sql .= "password($2)";
-		}
-		else {
-			if (MD5 == 'false'){
-				$sql .= "$2'";
-			}
-			else{
-				$sql .= "md5($2)";
-			}
-		}
-		$sql.= ", $3, $4, $5, $6, $7, $8);";
-		$v = array($name,$password,$owner_id,$description,$email,$phone,$department,$resolution);
+		$sql.= "($1, $2, $3, $4, $5, $6, $7, $8)";
+		$v = array($name,md5($password),$owner_id,$description,$email,$phone,$department,$resolution);
 		$t = array('s','s','i','s','s','s','s','i');
 		$res = db_prep_query($sql,$t,$v);
 		$selected_user = db_insert_id();
@@ -178,28 +166,16 @@
 		echo "<script language='JavaScript'>alert('Username must be unique!');</script>";
 	}
 	else{
-		$sql = "UPDATE mb_user SET mb_user_name = $1, mb_user_password = ";
-		if($password != ""){
-			if(SYS_DBTYPE == "mysql") {
-				$sql .= "password($2)";
-			}
-			else {
-				if (MD5 == 'false'){
-					$sql .= "$2'";
-				}
-				else{
-					$sql .= "md5($2)";
-				}
-			}
-		}
-		$sql.=", mb_user_description = $3";
-		$sql.=", mb_user_login_count = $4";
-		$sql.=", mb_user_email = $5";
-		$sql.=", mb_user_phone = $6";
-		$sql.=", mb_user_department = $7";
-		$sql.=", mb_user_resolution = $8";
-		$sql.=" where mb_user_id = $9";
-		$v = array($name,$password,$description,$login_count,$email,$phone,$department,$resolution,$selected_user);
+		$sql = "UPDATE mb_user SET mb_user_name = $1";
+		$sql .= ", mb_user_password = $2";
+		$sql .=", mb_user_description = $3";
+		$sql .=", mb_user_login_count = $4";
+		$sql .=", mb_user_email = $5";
+		$sql .=", mb_user_phone = $6";
+		$sql .=", mb_user_department = $7";
+		$sql .=", mb_user_resolution = $8";
+		$sql .=" where mb_user_id = $9";
+		$v = array($name,md5($password),$description,$login_count,$email,$phone,$department,$resolution,$selected_user);
 		$t = array('s','s','s','i','s','s','s','i','i');
 		$res = db_prep_query($sql,$v,$t);
 		if($password && $res){