ThaMunsta/itflow
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update post.php

Browse Source 
Bugfix login username not being encrypted when added as part of the asset add flow
This commit is contained in:
wrongecho
2023-02-05 08:29:28 +00:00
committed by GitHub
parent 04e4ccb9cf
commit 9cb0e8d70e
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
post.php
+1 -1
View File
@@ -5347,7 +5347,7 @@ if(isset($_POST['add_asset'])){
if (!empty($_POST['username'])) { if (!empty($_POST['username'])) {
$asset_id = mysqli_insert_id($mysqli); $asset_id = mysqli_insert_id($mysqli);
$username = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['username']))); $username = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['username'])));
$password = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['password']))); $password = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['password'])));
mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id, company_id = $session_company_id"); mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id, company_id = $session_company_id");