Source

iredmail / iRedMail / patches / roundcubemail / password_driver_pgsql.patch

--- plugins/password/drivers/sql.php	2013-05-17 02:06:30.000000000 +0800
+++ plugins/password/drivers/sql.php	2013-06-13 21:41:41.000000000 +0800
@@ -80,7 +80,8 @@
                 $salt .= $seedchars[rand(0, 63)];
             }
 
-            $sql = str_replace('%c',  $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt)), $sql);
+            //$sql = str_replace('%c',  $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt)), $sql);
+            $sql = str_replace('%c', str_replace("'", "\'", $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator .$salt.'$' : $salt))), $sql);
         }
 
         // dovecotpw
@@ -177,7 +178,8 @@
         // at least we should always have the local part
         $sql = str_replace('%l', $db->quote($local_part, 'text'), $sql);
         $sql = str_replace('%d', $db->quote($domain_part, 'text'), $sql);
-        $sql = str_replace('%u', $db->quote($username, 'text'), $sql);
+        //$sql = str_replace('%u', $db->quote($username, 'text'), $sql);
+        $sql = str_replace('%u', str_replace("'", "\'", $db->quote($username, 'text')), $sql);
         $sql = str_replace('%h', $db->quote($host, 'text'), $sql);
 
         $res = $db->query($sql, $sql_vars);
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.