Source

iredmail / iRedMail / patches / roundcubemail / password_driver_pgsql.patch

--- plugins/password/drivers/sql.php	2012-08-07 00:18:12.000000000 +0800
+++ sql.php	2012-08-08 18:39:04.000000000 +0800
@@ -55,7 +55,8 @@
     	        $salt .= $seedchars[rand(0, 63)];
             }
 
-            $sql = str_replace('%c',  $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
+            //$sql = str_replace('%c',  $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt)), $sql);
+            $sql = str_replace('%c', str_replace("'", "\'", $db->quote(crypt($passwd, CRYPT_MD5 ? '$1$'.$salt.'$' : $salt))), $sql);
         }
 
         // dovecotpw
@@ -152,7 +153,8 @@
         // at least we should always have the local part
         $sql = str_replace('%l', $db->quote($local_part, 'text'), $sql);
         $sql = str_replace('%d', $db->quote($domain_part, 'text'), $sql);
-        $sql = str_replace('%u', $db->quote($username, 'text'), $sql);
+        //$sql = str_replace('%u', $db->quote($username, 'text'), $sql);
+        $sql = str_replace('%u', str_replace("'", "\'", $db->quote($username, 'text')), $sql);
         $sql = str_replace('%h', $db->quote($host, 'text'), $sql);
 
         $res = $db->query($sql, $sql_vars);
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.