diff options
Diffstat (limited to 'src/optionlower.php')
| -rw-r--r-- | src/optionlower.php | 29 |
1 files changed, 15 insertions, 14 deletions
diff --git a/src/optionlower.php b/src/optionlower.php index b3f6055..9be827b 100644 --- a/src/optionlower.php +++ b/src/optionlower.php @@ -21,7 +21,7 @@ // todos os usuarios require_once("globals.php"); -if(!ValidSession()) { +if(!ValidSession()) { // || $_SESSION["usertable"]["usertype"] == 'team') { InvalidSession("optionlower.php"); ForceLoad("index.php"); } @@ -32,16 +32,16 @@ if (isset($_GET["username"]) && isset($_GET["userfullname"]) && isset($_GET["use $username = myhtmlspecialchars($_GET["username"]); $userfullname = myhtmlspecialchars($_GET["userfullname"]); $userdesc = myhtmlspecialchars($_GET["userdesc"]); - $passwordo = myhtmlspecialchars($_GET["passwordo"]); - $passwordn = myhtmlspecialchars($_GET["passwordn"]); + $passwordo = $_GET["passwordo"]; + $passwordn = $_GET["passwordn"]; DBUserUpdate($_SESSION["usertable"]["contestnumber"], - $_SESSION["usertable"]["usersitenumber"], - $_SESSION["usertable"]["usernumber"], - $_SESSION["usertable"]["username"], // $username, but users should not change their names - $userfullname, - $userdesc, - $passwordo, - $passwordn); + $_SESSION["usertable"]["usersitenumber"], + $_SESSION["usertable"]["usernumber"], + $_SESSION["usertable"]["username"], // $username, but users should not change their names + $userfullname, + $userdesc, + $passwordo, + $passwordn); ForceLoad("option.php"); } @@ -56,18 +56,19 @@ $a = DBUserInfo($_SESSION["usertable"]["contestnumber"], <script language="JavaScript"> function computeHASH() { - var username, userdesc, userfull, passHASHo, passHASHn1, passHASHn2; + var username, userdesc, userfull, passHASHo, passHASHn; if (document.form1.passwordn1.value != document.form1.passwordn2.value) return; + if (document.form1.passwordn1.value == document.form1.passwordo.value) return; username = document.form1.username.value; userdesc = document.form1.userdesc.value; userfull = document.form1.userfull.value; - passMDo = js_myhash(js_myhash(document.form1.passwordo.value)+'<?php echo session_id(); ?>'); - passMDn = bighexsoma(js_myhash(document.form1.passwordn2.value),js_myhash(document.form1.passwordo.value)); + passHASHo = js_myhash(js_myhash(document.form1.passwordo.value)+'<?php echo session_id(); ?>'); + passHASHn = bighexsoma(js_myhash(document.form1.passwordn2.value),js_myhash(document.form1.passwordo.value)); document.form1.passwordo.value = ' '; document.form1.passwordn1.value = ' '; document.form1.passwordn2.value = ' '; - document.location='option.php?username='+username+'&userdesc='+userdesc+'&userfullname='+userfull+'&passwordo='+passMDo+'&passwordn='+passMDn; + document.location='option.php?username='+username+'&userdesc='+userdesc+'&userfullname='+userfull+'&passwordo='+passHASHo+'&passwordn='+passHASHn; } </script> |