diff options
author | Yorhel <git@yorhel.nl> | 2010-12-05 18:39:58 +0100 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2010-12-05 18:39:58 +0100 |
commit | 1c3df5b1f154cb1a7f5f3ae8d3e4cffcd7043a7e (patch) | |
tree | 1232c48cbb0fb889ffc9ed8dde0640a27b7b935b /lib/Multi | |
parent | 9e13837c11c41e9b6f2286b1dbd5b2154ce8bc68 (diff) |
Multi::API: Check for existence of user/pass rather than their value
A login with an empty username and password shouldn't work...
Diffstat (limited to 'lib/Multi')
-rw-r--r-- | lib/Multi/API.pm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/Multi/API.pm b/lib/Multi/API.pm index 1f16f29f..67002701 100644 --- a/lib/Multi/API.pm +++ b/lib/Multi/API.pm @@ -384,11 +384,11 @@ sub login { } return cerr $c, badarg => 'Unknown protocol version', field => 'protocol' if $arg->{protocol} ne '1'; return cerr $c, badarg => 'The fields "username" and "password" must either both be present or both be missing.', field => 'username' - if $arg->{username} && !$arg->{password} || $arg->{password} && !$arg->{username}; + if exists $arg->{username} && !exists $arg->{password} || exists $arg->{password} && !exists $arg->{username}; return cerr $c, badarg => 'Invalid client name', field => 'client' if $arg->{client} !~ /^[a-zA-Z0-9 _-]{3,50}$/; return cerr $c, badarg => 'Invalid client version', field => 'clientver' if $arg->{clientver} !~ /^[a-zA-Z0-9_.\/-]{1,25}$/; - if($arg->{username}) { + if(exists $arg->{username}) { # fetch user info $_[KERNEL]->post(pg => query => "SELECT rank, salt, encode(passwd, 'hex') as passwd FROM users WHERE username = ?", [ $arg->{username} ], 'login_res', [ $c, $arg ]); |