diff options
| author | Dries Buytaert <dries@buytaert.net> | 2000-11-13 08:17:45 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2000-11-13 08:17:45 +0000 |
| commit | 9559f61fcab156477dd45f4926664b74c3c2d65d (patch) | |
| tree | 4c0fb62ac3dca254a2c22023e81d50eb51e579a1 /includes/user.inc | |
| parent | d4fc1dfa888305c57f52730ba9dcec800896c004 (diff) | |
| download | brdo-9559f61fcab156477dd45f4926664b74c3c2d65d.tar.gz brdo-9559f61fcab156477dd45f4926664b74c3c2d65d.tar.bz2 | |
Another batch with a lot of internal updates, yet no visual changes to the
site:
- watchdog (rewrite):
+ the collected information provides more details and insights
for post-mortem research
+ input limitation
- database abstraction layer:
+ mysql errors are now verbose and is no longer displayed in a
browser - fixes a possible security risk
- admin.php:
+ updated watchdog page
+ fixed security flaw
- diary.php:
+ fixed nl2br problem
- themes:
+ fixed comment bug in all 3 themes.
- misc:
+ renamed some global variables for sake of consistency:
$sitename --> $site_name
$siteurl --> $site_url
+ added input check where (a) exploitable and (b) possible
+ added input size check
+ various small improvements
+ fixed various typoes
... and much, much more in fact.
Diffstat (limited to 'includes/user.inc')
| -rw-r--r-- | includes/user.inc | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/includes/user.inc b/includes/user.inc index 62e5547be..0db582121 100644 --- a/includes/user.inc +++ b/includes/user.inc @@ -1,9 +1,5 @@ <? -$permissions = array("Administrator" => 0x00000001, - "User manager" => 0x00000002, - "News manager" => 0x00000004); - class User { function User($userid, $passwd = "") { $result = db_query("SELECT * FROM users WHERE LOWER(userid) = LOWER('$userid') && passwd = PASSWORD('$passwd') && STATUS = 2"); |