Update post.php

Bugfix login username not being encrypted when added as part of the asset add flow
2023-02-05 08:29:28 +00:00
parent 04e4ccb9cf
commit 9cb0e8d70e
1 changed files with 3 additions and 3 deletions
@@ -5347,7 +5347,7 @@ if(isset($_POST['add_asset'])){

    if (!empty($_POST['username'])) {
        $asset_id = mysqli_insert_id($mysqli);
-        $username = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['username'])));
+        $username = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['username'])));
        $password = trim(mysqli_real_escape_string($mysqli, encryptLoginEntry($_POST['password'])));

        mysqli_query($mysqli,"INSERT INTO logins SET login_name = '$name', login_username = '$username', login_password = '$password', login_asset_id = $asset_id, login_client_id = $client_id, company_id = $session_company_id");