- Bugfix: removed redundant check_input()s such that quotes are handled

  properly.  You couldn't use a username or passwords that had quotes.

1 files changed, 6 insertions, 6 deletions

diff --git a/modules/user/user.module b/modules/user/user.module
index c794a8e57..94fc94ff2 100644
--- a/modules/user/user.module
+++ b/modules/user/user.module
@@ -533,8 +533,8 @@ function user_login($edit = array(), $msg = "") {
     */
 
     if (!$user) {
-      $name = check_input($edit["name"]);
-      $pass = check_input($edit["pass"]);
+      $name = $edit["name"];
+      $pass = $edit["pass"];
       $user = user_load(array("name" => $name, "pass" => $pass, "status" => 1));
     }
 
@@ -543,11 +543,11 @@ function user_login($edit = array(), $msg = "") {
     */
 
     if ($server = strrchr($edit["name"], "@")) {
-      $name = check_input(substr($edit["name"], 0, strlen($edit["name"]) - strlen($server)));
-      $server = check_input(substr($server, 1));
-      $pass = check_input($edit["pass"]);
+      $name = substr($edit["name"], 0, strlen($edit["name"]) - strlen($server));
+      $server = substr($server, 1);
+      $pass = $edit["pass"];
     }
-
+    
     /*
     ** When possible, determine corrosponding external auth source. Invoke source, and login user if successful:
     */