svn commit: r116 - trunk/mapbender/http/frames/login.php

uli at osgeo.org uli at osgeo.org
Thu Apr 20 04:25:47 EDT 2006


Author: uli
Date: 2006-04-20 08:25:47+0000
New Revision: 116

Modified:
   trunk/mapbender/http/frames/login.php

Log:
prepared query in process

Modified: trunk/mapbender/http/frames/login.php
Url: https://mapbender.osgeo.org/source/browse/mapbender/trunk/mapbender/http/frames/login.php?view=diff&rev=116&p1=trunk/mapbender/http/frames/login.php&p2=trunk/mapbender/http/frames/login.php&r1=115&r2=116
==============================================================================
--- trunk/mapbender/http/frames/login.php	(original)
+++ trunk/mapbender/http/frames/login.php	2006-04-20 08:25:47+0000
@@ -98,12 +98,13 @@
 }
 session_start();
 if(isset($name) && $name != '' && isset($password) && $password != ''){
-	$sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = '".$name."'";
-	$res_count = db_query($sql_count);
-	
+	$sql_count = "SELECT mb_user_login_count FROM mb_user WHERE mb_user_name = $1";
+	$params = array($name);
+	$types = array('s');
+	$res_count = db_prep_query($sql_count,$params,$types);
 	if($row = db_fetch_array($res_count)){
-		if($row["mb_user_login_count"] > $loginMax){
-			echo "Permission denied. Login failed ".$loginMax." times. Your account has been deactivated. Please contact your administrator!";
+		if($row["mb_user_login_count"] > MAXLOGIN){
+			echo "Permission denied. Login failed ".MAXLOGIN." times. Your account has been deactivated. Please contact your administrator!";
 			die();
 		}
 	}




More information about the Mapbender_commits mailing list