diff options
Diffstat (limited to 'include/auth.php')
-rw-r--r-- | include/auth.php | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/include/auth.php b/include/auth.php index 768af626f..b7b96bdc0 100644 --- a/include/auth.php +++ b/include/auth.php @@ -48,7 +48,8 @@ if((isset($_SESSION)) && (x($_SESSION,'authenticated')) && ((! (x($_POST,'auth-p goaway(z_root()); } - $r = q("SELECT * FROM `user` WHERE `uid` = %d LIMIT 1", + $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` + FROM `user` WHERE `uid` = %d LIMIT 1", intval($_SESSION['uid']) ); @@ -183,7 +184,8 @@ else { // process normal login request - $r = q("SELECT * FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) + $r = q("SELECT `user`.*, `user`.`pubkey` as `upubkey`, `user`.`prvkey` as `uprvkey` + FROM `user` WHERE ( `email` = '%s' OR `nickname` = '%s' ) AND `password` = '%s' AND `blocked` = 0 AND `verified` = 1 LIMIT 1", dbesc(trim($_POST['openid_url'])), dbesc(trim($_POST['openid_url'])), |