search

stephenfewer / grinder

Grinder is a system to automate the fuzzing of web browsers and the management of a large number of crashes.
BSD 3-Clause "New" or "Revised" License
414 stars 131 forks source link

a bug in user_create function #66

Closed progmboy closed 8 years ago

progmboy commented 8 years ago 
    function user_create( $name, $email, $password, $type )
    {
        $success = false;

        if( user_isadministrator() )
        {
            if( user_valid_password( $password ) or !ser_valid_username( $name ) )
            {
                $sql  = "INSERT INTO users ( name, email, password, type ) VALUES ";
                $sql .= "( '" . mysql_real_escape_string( $name ) . "', '" . mysql_real_escape_string( $email ) . "', '" . mysql_real_escape_string( sha1( GRINDER_SALT . $password ) ) . "', '" . mysql_real_escape_string( $type ) . "' );";

                $result = mysql_query( $sql );
                if( $result )
                {
                    $success = true;
                    mysql_free_result( $result );
                }
            }
        }

        return $success;
    }

if( user_valid_password( $password ) or !ser_valid_username( $name ) ) should be if( user_valid_password( $password ) and user_valid_username( $name ) )

stephenfewer commented 8 years ago

Thanks!