diff options
author | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-27 15:36:49 +0200 |
---|---|---|
committer | David Sommerseth <dazo@users.sourceforge.net> | 2009-09-27 15:36:49 +0200 |
commit | 9084528b2a0ca002fbd26663960e2a6006d40553 (patch) | |
tree | cf476c2bc7c211830d4fb0d8c67347dcd43267d3 /database/sqlite | |
parent | d4899aabecc5a3e7c2619831e5237a5482d5ee84 (diff) | |
download | eurephia-9084528b2a0ca002fbd26663960e2a6006d40553.tar.gz eurephia-9084528b2a0ca002fbd26663960e2a6006d40553.tar.xz eurephia-9084528b2a0ca002fbd26663960e2a6006d40553.zip |
Fixed missing check in eDBadminValidateSession() against interface type
Diffstat (limited to 'database/sqlite')
-rw-r--r-- | database/sqlite/administration.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/database/sqlite/administration.c b/database/sqlite/administration.c index 04dbe6e..59180a9 100644 --- a/database/sqlite/administration.c +++ b/database/sqlite/administration.c @@ -251,8 +251,9 @@ int eDBadminValidateSession(eurephiaCTX *ctx, const char *sesskey, const char *r " LEFT JOIN eurephia_adminaccess USING(uid,interface)" " WHERE status IN (1,2)" " AND sessionkey = '%q'" - " AND access = '%q'", - expire_time, sesskey, req_access); + " AND access = '%q'" + " AND interface = '%c'", + expire_time, sesskey, req_access, interface); if( (res == NULL) ) { eurephia_log(ctx, LOG_FATAL, 0, "Could not validate session"); |