diff options
| -rw-r--r-- | inc/auth.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/inc/auth.php b/inc/auth.php index e224b2fb5..7477ae7ef 100644 --- a/inc/auth.php +++ b/inc/auth.php @@ -95,9 +95,10 @@ function auth_setup() { $INPUT->set('http_credentials', true); } - // apply cleaning + // apply cleaning (auth specific user names, remove control chars) if (true === $auth->success) { - $INPUT->set('u', $auth->cleanUser($INPUT->str('u'))); + $INPUT->set('u', $auth->cleanUser(stripctl($INPUT->str('u')))); + $INPUT->set('p', stripctl($INPUT->str('p'))); } if($INPUT->str('authtok')) { |