Author: Henrik Nordstrom <henrik@henriknordstrom.net>

Correct Joomla DB auth handling

Found while reading the code. Original clearly could not have worked as
it split the password field using an uninitialized delimiter.

diff --git a/helpers/basic_auth/DB/squid_db_auth.in b/helpers/basic_auth/DB/squid_db_auth.in
index faed45bad5474e992bce4eec44c3b31423d0e8aa..b49782da96f4f3268118c9e2ed432d9b7c652835 100644 (file)
--- a/helpers/basic_auth/DB/squid_db_auth.in
+++ b/helpers/basic_auth/DB/squid_db_auth.in
@@ -136,7 +136,7 @@ sub check_password($$)
     if ($isjoomla){
         my $salt;
         my $key2;
-        ($key2,$salt) = split (/$salt/, $key);
+        ($key2,$salt) = split (/:/, $key);
         return 1 if md5_hex($password.$salt).':'.$salt eq $key;
     }
     else{