bug fix passwords

2 files changed, 9 insertions, 10 deletions

diff --git a/src/admin/option.php b/src/admin/option.php
index 81e5879..d3581a4 100644
--- a/src/admin/option.php
+++ b/src/admin/option.php
@@ -15,7 +15,6 @@
 //    You should have received a copy of the GNU General Public License
 //    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 ////////////////////////////////////////////////////////////////////////////////
-// Last modified 05/aug/2012 by cassio@ime.usp.br
 require('header.php');
 require('../optionlower.php');
 ?>
diff --git a/src/optionlower.php b/src/optionlower.php
index 92c309c..7a15802 100644
--- a/src/optionlower.php
+++ b/src/optionlower.php
@@ -32,16 +32,16 @@ if (isset($_GET["username"]) && isset($_GET["userfullname"]) && isset($_GET["use
 	$username = myhtmlspecialchars($_GET["username"]);
 	$userfullname = myhtmlspecialchars($_GET["userfullname"]);
 	$userdesc = myhtmlspecialchars($_GET["userdesc"]);
-	$passwordo = myhtmlspecialchars($_GET["passwordo"]);
-	$passwordn = myhtmlspecialchars($_GET["passwordn"]);
+	$passwordo = $_GET["passwordo"];
+	$passwordn = $_GET["passwordn"];
 	DBUserUpdate($_SESSION["usertable"]["contestnumber"],
-				 $_SESSION["usertable"]["usersitenumber"],
-				 $_SESSION["usertable"]["usernumber"],
-				 $_SESSION["usertable"]["username"], // $username, but users should not change their names
-				 $userfullname,
-				 $userdesc,
-				 $passwordo,
-				 $passwordn);
+		     $_SESSION["usertable"]["usersitenumber"],
+		     $_SESSION["usertable"]["usernumber"],
+		     $_SESSION["usertable"]["username"], // $username, but users should not change their names
+		     $userfullname,
+		     $userdesc,
+		     $passwordo,
+		     $passwordn);
 	ForceLoad("option.php");
 }