X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;ds=sidebyside;f=include%2Fdiogenes.session.inc.php;h=7fa5286652d2096f587322411ceb3d04d00a215d;hb=3b34a3453da45ee2f3672d8c8af7fb617d4b7560;hp=e6e1a60f0031a9591682a4621389d300dae850ab;hpb=1c03363d9ce0dbde8e2be667058538441d16b015;p=diogenes.git

diff --git a/include/diogenes.session.inc.php b/include/diogenes.session.inc.php
index e6e1a60..7fa5286 100644
--- a/include/diogenes.session.inc.php
+++ b/include/diogenes.session.inc.php
@@ -110,7 +110,7 @@ class DiogenesSession extends DiogenesCoreSession {
 
     // check credentials
     $pass = md5($pass);
-    $res = $globals->db->query("select user_id,username,perms from {$globals->tauth['native']} where username='$user' and password='$pass'");
+    $res = $globals->db->query("SELECT user_id,username,perms FROM {$globals->tauth['native']} WHERE username='$user' AND password='$pass'");
     if (!list($uid,$user,$perms) = mysql_fetch_row($res))
       return false;      
 
@@ -168,11 +168,9 @@ class DiogenesSession extends DiogenesCoreSession {
       }
 
       // read site specific permissions
-      $res = $globals->db->query("select perms from diogenes_perm where alias='{$alias}'".
-                         " and auth='{$this->auth}' and uid='{$this->uid}'");
-      if (mysql_num_rows($res)>0) {
+      $res = $globals->db->query("SELECT perms FROM diogenes_perm WHERE alias='{$alias}' AND auth='{$this->auth}' AND uid='{$this->uid}'");
+      if (list($tmp) = mysql_fetch_row($res)) {
         $this->perms->addflag('user');
-        list($tmp) = mysql_fetch_row($res);
         $this->perms->addflag($tmp);
       }
       mysql_free_result($res);