diff options
Diffstat (limited to 'src/flog.php')
| -rw-r--r-- | src/flog.php | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/flog.php b/src/flog.php index 5aef8e0..0024727 100644 --- a/src/flog.php +++ b/src/flog.php @@ -138,12 +138,6 @@ function DBLogInContest($name,$pass,$contest,$msg=true) { $p = myhash($a["userpassword"] . session_id()); $_SESSION['usertable']['userpassword'] = $p; - if ($a["userpassword"] != "" && $p != $pass) { - LOGLevel("User $name tried to log in contest $contest but password was incorrect.",2); - if($msg) MSGError("Incorrect password."); - unset($_SESSION["usertable"]); - return false; - } if ($d["sitepermitlogins"]=="f" && $a["usertype"] != "admin" && $a["usertype"] != "judge" && $a["usertype"] != "site") { LOGLevel("User $name tried to login contest $contest but logins are denied.",2); if($msg) MSGError("Logins are not allowed."); @@ -156,6 +150,12 @@ function DBLogInContest($name,$pass,$contest,$msg=true) { unset($_SESSION["usertable"]); return false; } + if ($a["userpassword"] != "" && $p != $pass) { + LOGLevel("User $name tried to log in contest $contest but password was incorrect.",2); + if($msg) MSGError("Incorrect password."); + unset($_SESSION["usertable"]); + return false; + } $gip=getIP(); if ($a["userip"] != $gip && $a["userip"] != "" && $a["usertype"] != "score") { LOGLevel("User $name is using two different IPs: " . $a["userip"] . |