yea I am an idiot

author: Karl 'vollmerk' Vollmer <vollmer@ampache.org> 2006-01-13 15:51:16 +0000
committer: Karl 'vollmerk' Vollmer <vollmer@ampache.org> 2006-01-13 15:51:16 +0000
commit: 5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f (patch)
tree: e3d1084f5bd98e18d6fda60e5978a92396f8495c /modules
parent: ac70ee39d84aefa6f34e35e9156c279fe1bbfe32 (diff)
download: ampache-5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f.tar.gz
ampache-5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f.tar.bz2
ampache-5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/vauth/auth.lib.php b/modules/vauth/auth.lib.php
index 8061c17d..7c974d7c 100644
--- a/modules/vauth/auth.lib.php
+++ b/modules/vauth/auth.lib.php
@@ -70,7 +70,7 @@ function vauth_mysql_auth($username,$password) {
 	        $password_check_sql = "OLD_PASSWORD('$password')";
         }
 
-	$sql = "SELECT username FROM user WHERE username='$username' AND $password_check_sql";
+	$sql = "SELECT username FROM user WHERE username='$username' AND password=$password_check_sql";
 	$db_results = mysql_query($sql, vauth_dbh());
 
 	$results = mysql_fetch_assoc($db_results);
author	Karl 'vollmerk' Vollmer <vollmer@ampache.org>	2006-01-13 15:51:16 +0000
committer	Karl 'vollmerk' Vollmer <vollmer@ampache.org>	2006-01-13 15:51:16 +0000
commit	5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f (patch)
tree	e3d1084f5bd98e18d6fda60e5978a92396f8495c /modules
parent	ac70ee39d84aefa6f34e35e9156c279fe1bbfe32 (diff)
download	ampache-5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f.tar.gz ampache-5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f.tar.bz2 ampache-5d6e06fa17d5e155a01e14a9e6ceb3abf3d1b69f.zip