projects
/
mirror
/
userdir-ldap-cgi.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
XSS bug in db.debian.org
[mirror/userdir-ldap-cgi.git]
/
update.cgi
diff --git
a/update.cgi
b/update.cgi
index
02d3a5b
..
5a59a34
100755
(executable)
--- a/
update.cgi
+++ b/
update.cgi
@@
-42,7
+42,7
@@
sub DieHandler {
$ldap->unbind if (defined($ldap));
}
$ldap->unbind if (defined($ldap));
}
-$SIG{__DIE__} = \&DieHandler;
+
#
$SIG{__DIE__} = \&DieHandler;
$ldap = Net::LDAP->new($config{ldaphost});
&Util::UpgradeConnection($ldap) unless $config{usessl} eq 'False';
$ldap = Net::LDAP->new($config{ldaphost});
&Util::UpgradeConnection($ldap) unless $config{usessl} eq 'False';
@@
-249,7
+249,7
@@
if (!($query->param('doupdate'))) {
}
# create a md5 crypted password
}
# create a md5 crypted password
- $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(
2
));
+ $newwebpassword = apache_md5_crypt($query->param('newwebpass'), &Util::CreateCryptSalt(
1, 1
));
&Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword);
}
&Util::LDAPUpdate($ldap, $editdn, 'webPassword', $newwebpassword);
}