Re: [exim] mysql authentication problem...

Author: Mike Cardwell
To: exim-users
Subject: Re: [exim] mysql authentication problem...
John Doe wrote:

> End of the week => SELECT password instead of login, plus trailing "...
> I also changed a few things:
>
> AUTH_PLAIN_QUERY = SELECT login FROM emails WHERE login = '$2' AND password = MD5('$3')
> AUTH_LOGIN_QUERY = SELECT login FROM emails WHERE login = '$1' AND password = MD5('$2')
>
> PLAIN:
>   driver                     = plaintext
>   public_name                = PLAIN
>   server_prompts             = :
>   server_condition           = ${lookup mysql{AUTH_PLAIN_QUERY}{1}fail}
>   server_advertise_condition = ${if def:tls_cipher }
>   server_set_id              = $2
>
> LOGIN:
>   driver                     = plaintext
>   public_name                = LOGIN
>   server_prompts             = <| Username: | Password:
>   server_condition           = ${lookup mysql{AUTH_LOGIN_QUERY}{1}fail}
>   server_advertise_condition = ${if def:tls_cipher }
>   server_set_id              = $1
>
> Anything looks wrong or could be done better?
You're open to SQL injection attacks as you haven't escaped apostrophes
in the login name or password. For example:

login = '$2'

Should be:

login = '${quote_mysql:$2}'

--
Mike Cardwell - IT Consultant and LAMP developer
Cardwell IT Ltd. (UK Reg'd Company #06920226) http://cardwellit.com/
Technical Blog: https://secure.grepular.com/blog/
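Added example, not part of Mike's reply or of Exim's own code: a small Python emulation of how the AUTH_*_QUERY macro from the thread is expanded with and without `${quote_mysql:...}`, plus a tokenizer that checks whether the resulting SQL still has well-formed string literals. The escaping rules in `quote_mysql()` follow the Exim specification as I read it (backslash-escape quote characters and backslash, encode newline/CR/tab/backspace); treat that as an assumption and check the spec for your Exim version.

```python
# Constructed demonstration: how an unescaped apostrophe in user-supplied data
# changes the structure of the authenticator's lookup query, and how the
# quote_mysql operator keeps the data inside its string literal.

# The query template exactly as posted in the thread ($2/$3 replaced by
# Python placeholders so we can expand it here).
QUERY_TEMPLATE = ("SELECT login FROM emails WHERE login = '{login}' "
                  "AND password = MD5('{password}')")

def quote_mysql(value: str) -> str:
    """Emulation of Exim's ${quote_mysql:...} operator (assumed rule set)."""
    out = []
    for ch in value:
        if ch in "'\"\\":          # quote characters and backslash get a backslash
            out.append("\\" + ch)
        elif ch == "\n":
            out.append("\\n")
        elif ch == "\r":
            out.append("\\r")
        elif ch == "\t":
            out.append("\\t")
        elif ch == "\b":
            out.append("\\b")
        else:
            out.append(ch)
    return "".join(out)

def build_unsafe(login: str, password: str) -> str:
    """Expansion as in the posted config: login = '$2' ... MD5('$3')."""
    return QUERY_TEMPLATE.format(login=login, password=password)

def build_safe(login: str, password: str) -> str:
    """Expansion as Mike suggests: login = '${quote_mysql:$2}' etc."""
    return QUERY_TEMPLATE.format(login=quote_mysql(login),
                                 password=quote_mysql(password))

def string_literals(sql: str):
    """Tokenize single-quoted literals the way MySQL does (backslash escapes
    honoured). Returns the literal bodies in order, or None if a literal is
    left unterminated, i.e. the data escaped its literal and altered the
    statement's structure."""
    literals, current, in_str, i = [], [], False, 0
    while i < len(sql):
        ch = sql[i]
        if in_str:
            if ch == "\\" and i + 1 < len(sql):   # keep escape pair intact
                current.append(ch + sql[i + 1]); i += 2; continue
            if ch == "'":
                literals.append("".join(current)); current, in_str = [], False
            else:
                current.append(ch)
        elif ch == "'":
            in_str = True
        i += 1
    return None if in_str else literals
```

A perfectly ordinary login such as `o'brien` is enough to break the unescaped query (the tokenizer reports an unterminated literal), while the quoted form yields exactly two literals holding the login and the password.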