diff options
author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2006-05-30 20:43:15 +0000 |
---|---|---|
committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2006-05-30 20:43:15 +0000 |
commit | 068c42db9d97e89e303faff5e944359635b1aa5b (patch) | |
tree | 41746bd9bf62a4dc5d53d5af4fd5d3181e8a4249 /src/modules/extra/m_sqlauth.cpp | |
parent | 565e51a475e3493b1e40bc23cc28774c5e72b2ab (diff) |
Apply mirq's optimization patches
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@3977 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/modules/extra/m_sqlauth.cpp')
-rw-r--r-- | src/modules/extra/m_sqlauth.cpp | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/src/modules/extra/m_sqlauth.cpp b/src/modules/extra/m_sqlauth.cpp index f27c0c28b..771749075 100644 --- a/src/modules/extra/m_sqlauth.cpp +++ b/src/modules/extra/m_sqlauth.cpp @@ -105,7 +105,7 @@ class ModuleSQLAuth : public Module } } - bool CheckCredentials(const std::string &username, std::string password) + bool CheckCredentials(const std::string &s_username, const std::string &s_password) { bool found = false; @@ -114,20 +114,8 @@ class ModuleSQLAuth : public Module return false; // sanitize the password (we dont want any mysql insertion exploits!) - std::string temp = ""; - for (unsigned int q = 0; q < password.length(); q++) - { - if (password[q] == '\'') - { - temp = temp + "\'"; - } - else if (password[q] == '"') - { - temp = temp + "\\\""; - } - else temp = temp + password[q]; - } - password = temp; + std::string username = SQLQuery::Sanitise(s_username); + std::string password = SQLQuery::Sanitise(s_password); // Create a request containing the SQL query and send it to m_sql.so std::string querystr("SELECT * FROM "+usertable+" WHERE "+userfield+"='"+username+"' AND "+passfield+"="+encryption+"'"+password+"')"); |