Another fix for Password Hashing

2016-08-04 21:49:51 +10:00 · 2016-08-04 21:49:51 +10:00 · 181bc41d7a
commit 181bc41d7a
parent b1e1bd2342
1 changed files with 2 additions and 1 deletions
--- a/users.c
+++ b/users.c
@ -225,7 +225,8 @@ struct user_record *check_user_pass(int socket, char *loginname, char *password)
 	sqlite3 *db;
  sqlite3_stmt *res;
  int rc;
-  char *sql = "SELECT * FROM users WHERE loginname LIKE ?";
+  char *sql = "SELECT loginname, password, salt, firstname,"
+					   "lastname, email, location, sec_level, last_on, time_left, cur_mail_conf, cur_mail_area, cur_file_dir, cur_file_sub, times_on FROM users WHERE loginname LIKE ?";
 	char *pass_hash;

 	sprintf(buffer, "%s/users.sq3", conf.bbs_path);