|
39 | 39 | // initiate the content manager class |
40 | 40 | // for backward compatibility |
41 | 41 |
|
42 | | -$username = $modx->db->escape($modx->htmlspecialchars($_REQUEST['username'], ENT_NOQUOTES)); |
43 | | -$givenPassword = $modx->htmlspecialchars($_REQUEST['password'], ENT_NOQUOTES); |
44 | | -$captcha_code = $_REQUEST['captcha_code']; |
45 | | -$rememberme = $_REQUEST['rememberme']; |
| 42 | +$username = $modx->db->escape($modx->htmlspecialchars($_POST['username'], ENT_NOQUOTES)); |
| 43 | +$givenPassword = $modx->htmlspecialchars($_POST['password'], ENT_NOQUOTES); |
| 44 | +$captcha_code = $_POST['captcha_code']; |
| 45 | +$rememberme = $_POST['rememberme']; |
46 | 46 | $failed_allowed = $modx->config['failed_login_attempts']; |
47 | 47 |
|
48 | 48 | // invoke OnBeforeManagerLogin event |
|
174 | 174 | // check user password - local authentication |
175 | 175 | $hashType = $modx->manager->getHashType($dbasePassword); |
176 | 176 | if($hashType == 'phpass') { |
177 | | - $matchPassword = login($username, $_REQUEST['password'], $dbasePassword); |
| 177 | + $matchPassword = login($username, $_POST['password'], $dbasePassword); |
178 | 178 | } elseif($hashType == 'md5') { |
179 | | - $matchPassword = loginMD5($internalKey, $_REQUEST['password'], $dbasePassword, $username); |
| 179 | + $matchPassword = loginMD5($internalKey, $_POST['password'], $dbasePassword, $username); |
180 | 180 | } elseif($hashType == 'v1') { |
181 | | - $matchPassword = loginV1($internalKey, $_REQUEST['password'], $dbasePassword, $username); |
| 181 | + $matchPassword = loginV1($internalKey, $_POST['password'], $dbasePassword, $username); |
182 | 182 | } else { |
183 | 183 | $matchPassword = false; |
184 | 184 | } |
|
0 commit comments