--- a/fhiiqm/inc/func_lib.inc.php Fri Dec 21 15:31:50 2012 +0100
+++ b/fhiiqm/inc/func_lib.inc.php Wed Feb 27 09:43:08 2013 +0100
@@ -144,10 +144,12 @@
}
if ($result)
{
+ if ($log["pass"] <= '') $log["pass"] = null;
$stmt->bind_result($userid, $pwdmd5);
if ($stmt->fetch())
{
- if ($pwdmd5 == md5($log["pass"]) || $log["pass"]==null)
+// if ($pwdmd5 == md5($log["pass"]) || $log["pass"]==null)
+ if ($pwdmd5 === md5($log["pass"]) || ($pwdmd5 === null && $log["pass"] === null))
{
$_SESSION = array();
$_SESSION["userid"] = $userid;