Restore safe behaviour of getLogin.

author Raphaël Barrois <raphael.barrois@polytechnique.org>

Sat, 26 Nov 2011 00:13:11 +0000 (01:13 +0100)

committer Raphaël Barrois <raphael.barrois@polytechnique.org>

Sat, 26 Nov 2011 00:13:11 +0000 (01:13 +0100)
author Raphaël Barrois <raphael.barrois@polytechnique.org>
Sat, 26 Nov 2011 00:13:11 +0000 (01:13 +0100)
committer Raphaël Barrois <raphael.barrois@polytechnique.org>
Sat, 26 Nov 2011 00:13:11 +0000 (01:13 +0100)
diff --git a/classes/user.php b/classes/user.php

index 7723c3f..a7467b2 100644 (file)
--- a/classes/user.php
+++ b/classes/user.php
@@ -85,8 +85,8 @@ class User extends PlUser
          // Checks whether $login is a valid hruid or not.
          $res = XDB::query('SELECT  uid
                               FROM  accounts
-                            WHERE  hruid' . XDB::formatWildcards(XDB::WILDCARD_CONTAINS, $login));
-        if ($res->numRows() == 1) {
+                             WHERE  hruid = {?}', $login);
+        if ($res->numRows()) {
              return $res->fetchOneCell();
          }
author	Raphaël Barrois <raphael.barrois@polytechnique.org>
	Sat, 26 Nov 2011 00:13:11 +0000 (01:13 +0100)
committer	Raphaël Barrois <raphael.barrois@polytechnique.org>
	Sat, 26 Nov 2011 00:13:11 +0000 (01:13 +0100)