No longer salting login user name
[squasher.git] / squasher.class.php
index 4e3a4cf1c530bfc31f3418ed8b3fe26b6165ec5e..c845f062a920071a50e622ddb35df775d9d3380c 100644 (file)
@@ -24,7 +24,7 @@ function validate_user($vars,$salt){
        $query="SELECT * FROM users";
        $q_result = mysql_query($query);
        while ($fetched_object = mysql_fetch_object($q_result)){
-               if (md5(md5($fetched_object->user_name).$salt) == $vars[user]){
+               if ($fetched_object->user_name == $vars[user]){
                        if (md5($fetched_object->user_pass.$salt) == $vars[pass]){
                                //validated
                                $creds[user_id] = $fetched_object->user_id;