$data = array();
$data['after_login_url'] = format_oneline(_REQUEST_cut('after_login_url'));
- $data['username'] = format_oneline(trim(_REQUEST_cut('username')));
+ $data['username'] = format_auth_username(trim(_REQUEST_cut('username')));
$data['password'] = format_oneline(trim(_REQUEST_cut('password')));
return $data;
function login_main() {
$data = login_get_fields();
if (strlen($data['username']) && strlen($data['password'])) {
- $row = db_get_assoc('users', 'id,name,role,password', 'where username=%"', format_auth_username($data['username']));
+ $row = db_get_assoc('users', 'id,name,role,password', 'where username=%"', $data['username']);
if ($row) # &&
if (strlen($row['password'])) {
$needs_rehash = false;