diff --git a/firefox_addon/README.md b/firefox_addon/README.md
index 579c940..1baeb7d 100644
--- a/firefox_addon/README.md
+++ b/firefox_addon/README.md
@@ -20,7 +20,7 @@ Usage
-----
-The first thing to do is to populate your database (from your/a password server) with login/password/master key values. If you want to make strong password, there is a password generator. After that, configure your addon in "tools -> addons -> gPass -> preferences" to point to your password server (+ username).
+The first thing to do is to populate your database (from your/a password server) with login/password/master key values. If you want to make strong password, there is a password generator. After that, configure your addon in "tools -> addons -> gPass -> preferences" to point to your password server (+ username). Be careful, login and password are case sensitive.
When you're in a login form and you want to use gPass, type your login and fill "@@masterkey" in password field. Then submit and password will automatically be replaced by the one in the database (after addon decrypt it).
@@ -40,7 +40,7 @@ For now the only addons made is for firefox. Server side is written in PHP (with
Server
------
-To host a password server, you need a webserver. Just copy server files in a directory read/write for web server user (www-data). A sample apache2 configuration file is available in ressources.
+To host a password server, you need a webserver. Just copy server files in a directory read/write for web server user (www-data). A sample apache2 configuration file is available in ressources. For enhanced security, it's better to put the password server under https.
You can activate/deactivate view of ciphered passwords by setting $VIEW_CIPHERED_PASSWORDS in index.php.
diff --git a/firefox_addon/lib/main.js b/firefox_addon/lib/main.js
index 9b49a4d..9f89cd4 100644
--- a/firefox_addon/lib/main.js
+++ b/firefox_addon/lib/main.js
@@ -68,13 +68,13 @@ function on_sumbit()
debug("salt " + salt);
- // Get all
+ // Get all &&
for (i=0; i $row['login'],
diff --git a/server/index.php b/server/index.php
index a2c2bc9..9d5e434 100755
--- a/server/index.php
+++ b/server/index.php
@@ -107,7 +107,7 @@ else
}
echo "\n";
echo ' Master key ';
- echo "" . "\n";
+ echo "" . "\n";
}
?>
diff --git a/server/ref/index.php b/server/ref/index.php
index bf19044..6f69f82 100755
--- a/server/ref/index.php
+++ b/server/ref/index.php
@@ -45,7 +45,8 @@ for ($i=0; isset($_POST["k$i"]); $i++)
{
$statement->bindValue(":login", $_POST["k$i"]);
$result = $statement->execute();
- $row = $result->fetchArray();
+ $row = $result->fetchArray(SQLITE3_ASSOC);
+ $result->finalize();
if (isset($row["password"]))
{
echo "pass=" . $row["password"] . "\n";