CVSTrac Legacy Code

Check-in [f81e205041]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:If the user.passwd field is "any" then allow login with any password.
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: f81e20504134bed4ca84d4e1f2d46be14e2d364d
User & Date: drh 2011-09-14 12:47:04
Context
2011-11-29
14:50
Apparently, nobody has combined an inspection on a branch commit with an RSS feed check-in: 303444c716 user: cpb tags: trunk
2011-09-14
12:47
If the user.passwd field is "any" then allow login with any password. check-in: f81e205041 user: drh tags: trunk
2011-09-13
22:02
Improvements to the homepage. check-in: 2832e0a44b user: drh tags: trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to login.c.

102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
    z = db_short_query("SELECT passwd FROM user WHERE id='%q'", zUsername);
    if(
#ifdef CVSTRAC_WINDOWS
        /* Windows domain login when password is set to "*" in the database */
        z==0 || z[0]==0 || ((z[0]!='*' || z[1]!=0) && strcmp(crypt(zPasswd,z),z)!=0) ||
        (z[0]=='*' && z[1]==0 && !_LogonUserA((LPTSTR)zUsername, ".", (LPTSTR)zPasswd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &hToken))
#else
        z==0 || z[0]==0 || strcmp(crypt(zPasswd,z),z)!=0
#endif
    ){
      sleep(1);
      zErrMsg = 
         @ <p class="error">
         @ You entered an incorrect username and/or password
         @ </p>







|







102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
    z = db_short_query("SELECT passwd FROM user WHERE id='%q'", zUsername);
    if(
#ifdef CVSTRAC_WINDOWS
        /* Windows domain login when password is set to "*" in the database */
        z==0 || z[0]==0 || ((z[0]!='*' || z[1]!=0) && strcmp(crypt(zPasswd,z),z)!=0) ||
        (z[0]=='*' && z[1]==0 && !_LogonUserA((LPTSTR)zUsername, ".", (LPTSTR)zPasswd, LOGON32_LOGON_NETWORK, LOGON32_PROVIDER_DEFAULT, &hToken))
#else
        z==0 || z[0]==0 || (strcmp(z,"any")!=0 && strcmp(crypt(zPasswd,z),z)!=0)
#endif
    ){
      sleep(1);
      zErrMsg = 
         @ <p class="error">
         @ You entered an incorrect username and/or password
         @ </p>