Install fix

[mailer.git] / inc / modules / admin.php

diff --git a/inc/modules/admin.php b/inc/modules/admin.php
index 35985114737c4740c63e0e09eda0c4b77b9c7d01..c0e1fdf48a4c581180ac6f9475013f3f86d9121d 100644 (file)
--- a/inc/modules/admin.php
+++ b/inc/modules/admin.php
@@ -56,18 +56,15 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
        // Admin is not registered so we have to inform the user
        if ((isset($_POST['ok'])) && ((empty($_POST['login'])) || (empty($_POST['pass'])) || (strlen($_POST['pass']) < 4))) $_POST['ok'] = "***";
        if ((isset($_POST['ok'])) && ($_POST['ok'] != "***")) {
-               // Hash the password with our new generateHash() function
-               $hashedPass = generateHash($_POST['pass']);
-
-               // If the password has not been hashed we have to fall-back to md5()
-               if ($hashedPass == $_POST['pass']) $hashedPass = md5($hashedPass);
+               // Hash the password with the old function because we are here in install mode
+               $hashedPass = md5($hashedPass);
 
                // Do registration
                $ret = REGISTER_ADMIN($_POST['login'], $hashedPass);
                switch ($ret)
                {
                case "done":
-                       admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define ('admin_registered', ", ");", "true", 0);
+                       admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
                        if (!_FATAL) {
                                // Registering is done
                                LOAD_URL(URL."/modules.php?module=admin&amp;action=login&register=done");
@@ -91,7 +88,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
                        }
                        if (!isBooleanConstantAndTrue('admin_registered')) {
                                // Write to config that registration is done
-                               admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define ('admin_registered', ", ");", "true", 0);
+                               admin_WriteData(PATH."inc/config.php", "ADMIN-SETUP", "define('admin_registered', ", ");", "true", 0);
 
                                // Load URL for login
                                $URL = URL."/modules.php?module=admin&amp;action=login";
@@ -161,7 +158,6 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
                        // Try to register the session variables
                        if ((set_session("admin_md5", generatePassString(generateHash($_POST['pass'], __SALT)))) && (set_session("admin_login", $_POST['login'])) && (set_session("admin_last", time())) && (set_session("admin_to", $_POST['timeout']))) {
                                // Construct URL and redirect
-                               die("OK");
                                $URL = URL."/modules.php?module=admin&amp;";
 
                                // Rewrite overview module
@@ -277,7 +273,7 @@ if (!isBooleanConstantAndTrue('admin_registered')) {
        }
 } else {
        // Maybe an Admin want's to login?
-       $ret = CHECK_ADMIN_COOKIES('admin_login', 'admin_md5');
+       $ret = CHECK_ADMIN_COOKIES(SQL_ESCAPE(get_session('admin_login')), SQL_ESCAPE(get_session('admin_md5')));
        switch ($ret) {
        case "done":
                // Cookie-Data accepted