Refactor the way error is thrown in ask salt.
This commit is contained in:
parent
ad07c3fc51
commit
b6a989599c
1 changed files with 7 additions and 8 deletions
|
@ -40,16 +40,15 @@ class ConnectionHandler
|
|||
private function askSalt($login, $lang)
|
||||
{
|
||||
setMsgLanguage($lang);
|
||||
$escaped_login = $mysqli->escape_string($login);
|
||||
$escaped_login = $this->db_Connection->escape_string($login);
|
||||
if ($stmt = $this->db_Connection->prepare('SELECT Password FROM user WHERE Login=\'?\' LIMIT 1')) {
|
||||
if ($stmt = mysqli_prepare('SELECT TOP 1 Password FROM user WHERE Login=\'?\'')) {
|
||||
$stmt->bind_param("s", $escaped_login);
|
||||
$stmt->execute();
|
||||
$stmt->bind_result($password) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
|
||||
if ($stmt->num_rows == 1 && $stmt->fetch()) {
|
||||
$salt = get_salt($password);
|
||||
$stmt->bind_result($password) or die(errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, $this->db_Connection->error));
|
||||
if ($stmt->fetch() && $stmt->num_rows == 1) {
|
||||
$salt = '1:' . get_salt($password);
|
||||
} else {
|
||||
die(errorMsgBlock(2001, $login, 'askSalt'));
|
||||
$salt = errorMsgBlock(2001, $login, 'askSalt');
|
||||
}
|
||||
$stmt->close();
|
||||
}
|
||||
|
@ -113,10 +112,10 @@ class ConnectionHandler
|
|||
{
|
||||
switch ($command->cmd) {
|
||||
case 'ask':
|
||||
echo '1:' . askSalt($command->login, $command->submittedLang);
|
||||
echo askSalt($command->login, $command->submittedLang);
|
||||
break;
|
||||
case 'login-https':
|
||||
$salt = askSalt($command->login, $command->submittedLang);
|
||||
$salt = substr(askSalt($command->login, $command->submittedLang), 2);
|
||||
$generated_password = crypt($command->password, sprintf('$6$rounds=%d$%s$', 5000, $salt));
|
||||
login($command->login, $generated_password, $command->clientApplication, $command->cp, $command->submittedLang);
|
||||
break;
|
||||
|
|
Loading…
Reference in a new issue