MDL-14679 towards authlib conversion

carolinekennedy · May 30, 2008 · 576c063 · 576c063
1 parent bdd3e83
commit 576c063
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 11 deletions.
diff --git a/auth/db/auth.php b/auth/db/auth.php
@@ -38,18 +38,17 @@ function auth_plugin_db() {
      * Returns true if the username and password work and false if they are
      * wrong or don't exist.
      *
-     * @param string $username The username (with system magic quotes)
-     * @param string $password The password (with system magic quotes)
+     * @param string $username The username
+     * @param string $password The password
      *
      * @return bool Authentication success or failure.
      */
     function user_login($username, $password) {
-
-        global $CFG;
+        global $CFG, $DB;
 
         $textlib = textlib_get_instance();
-        $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->extencoding);
-        $extpassword = $textlib->convert(stripslashes($password), 'utf-8', $this->config->extencoding);
+        $extusername = $textlib->convert($username, 'utf-8', $this->config->extencoding);
+        $extpassword = $textlib->convert($password, 'utf-8', $this->config->extencoding);
 
         $authdb = $this->db_init();
 
@@ -70,7 +69,7 @@ function user_login($username, $password) {
                 $authdb->Close();
                 // user exists exterally
                 // check username/password internally
-                if ($user = get_record('user', 'username', $username, 'mnethostid', $CFG->mnet_localhost_id)) {
+                if ($user = $DB->get_record('user', array('username'=>$username, 'mnethostid'=>$CFG->mnet_localhost_id))) {
                     return validate_internal_user_password($user, $password);
                 }
             } else {

diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
@@ -86,8 +86,8 @@ function user_login($username, $password) {
         }
 
         $textlib = textlib_get_instance();
-        $extusername = $textlib->convert(stripslashes($username), 'utf-8', $this->config->ldapencoding);
-        $extpassword = $textlib->convert(stripslashes($password), 'utf-8', $this->config->ldapencoding);
+        $extusername = $textlib->convert($username, 'utf-8', $this->config->ldapencoding);
+        $extpassword = $textlib->convert($password, 'utf-8', $this->config->ldapencoding);
 
         //
         // Before we connect to LDAP, check if this is an AD SSO login

diff --git a/lib/moodlelib.php b/lib/moodlelib.php
@@ -3012,8 +3012,8 @@ function guest_user() {
  * the session up.
  *
  * @uses $CFG
- * @param string $username  User's username (with system magic quotes)
- * @param string $password  User's password (with system magic quotes)
+ * @param string $username  User's username
+ * @param string $password  User's password
  * @return user|flase A {@link $USER} object or false if error
  */
 function authenticate_user_login($username, $password) {