svn commit: r116 - trunk/mapbender/http/frames/login.php
uli at osgeo.org
uli at osgeo.org
Thu Apr 20 04:25:47 EDT 2006
Author: uli
Date: 2006-04-20 08:25:47+0000
New Revision: 116
Modified:
trunk/mapbender/http/frames/login.php
Log:
prepared query in process
Modified: trunk/mapbender/http/frames/login.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/frames/login.php?view=diff&rev=116&p1=trunk/mapbender/http/frames/login.php&p2=trunk/mapbender/http/frames/login.php&r1=115&r2=116
==============================================================================
--- trunk/mapbender/http/frames/login.php (original)
+++ trunk/mapbender/http/frames/login.php 2006-04-20 08:25:47+0000
@@ -98,12 +98,13 @@
}
session_start();
if(isset($name) && $name != '' && isset($password) && $password != ''){
- $sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = '".$name."'";
- $res_count = db_query($sql_count);
-
+ $sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = $1";
+ $params = array($name);
+ $types = array('s');
+ $res_count = db_prep_query($sql_count,$params,$types);
if($row = db_fetch_array($res_count)){
- if($row["mb_user_login_count"] > $loginMax){
- echo "Permission denied. Login failed ".$loginMax." times. Your account has been deactivated. Please contact your administrator!";
+ if($row["mb_user_login_count"] > MAXLOGIN){
+ echo "Permission denied. Login failed ".MAXLOGIN." times. Your account has been deactivated. Please contact your administrator!";
die();
}
}
More information about the Mapbender_commits
mailing list