From 8e585cd2621da69f6bdf837882e5b1ee79bd148b Mon Sep 17 00:00:00 2001 From: Mike Koch Date: Thu, 26 Feb 2015 18:42:43 -0500 Subject: [PATCH] Closes #144 Updated to HESK 2.6.1 --- admin/admin_settings_save.php | 2 +- inc/admin_functions.inc.php | 20 +++++++++++--------- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/admin/admin_settings_save.php b/admin/admin_settings_save.php index 3579edf9..a59bbaea 100644 --- a/admin/admin_settings_save.php +++ b/admin/admin_settings_save.php @@ -306,7 +306,7 @@ $set['pop3'] = empty($_POST['s_pop3']) ? 0 : 1; if ($set['pop3']) { // Get POP3 fetching timeout - $set['pop3_job_wait'] = hesk_checkMinMax( intval( hesk_POST('s_pop3_job_wait') ) , 1, 1440, 15); + $set['pop3_job_wait'] = hesk_checkMinMax( intval( hesk_POST('s_pop3_job_wait') ) , 0, 1440, 15); // Test POP3 connection $pop3_OK = hesk_testPOP3(true); diff --git a/inc/admin_functions.inc.php b/inc/admin_functions.inc.php index 6a2d0f0b..fe456660 100644 --- a/inc/admin_functions.inc.php +++ b/inc/admin_functions.inc.php @@ -400,18 +400,20 @@ function hesk_autoLogin($noredirect=0) } $res=hesk_dbFetchAssoc($result); - foreach ($res as $k=>$v) + + /* Check password */ + if ($hash != hesk_Pass2Hash($res['pass'] . strtolower($user) . $res['pass']) ) { - $_SESSION[$k]=$v; + setcookie('hesk_username', ''); + setcookie('hesk_p', ''); + header('Location: index.php?a=login¬ice=1'); + exit(); } - /* Check password */ - if ($hash != hesk_Pass2Hash($_SESSION['pass'] . strtolower($user) . $_SESSION['pass']) ) - { - setcookie('hesk_username', ''); - setcookie('hesk_p', ''); - header('Location: index.php?a=login¬ice=1'); - exit(); + // Set user details + foreach ($res as $k=>$v) + { + $_SESSION[$k]=$v; } /* Check if default password */