soutade/gPass
1
0
Fork 0
Code Issues Pull Requests Packages Releases 2 Activity

Server side :

Browse Source 
* Trim password and login before instertion
	* Can use empty master key to see user passwords
	* Fix a bug : can't decode multiple queries from client

Client side :
	* Don't send empty username
	* Update README
This commit is contained in:
Gregory Soutade
2013-10-17 18:26:54 +02:00
parent 4fd1f1e92f
commit 67d21ff3ef
5 changed files with 12 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/index.php
View File

@@ -107,7 +107,7 @@ else
}
echo "</select>\n";
echo ' <b>Master key </b> <input id="see_password" type="password" name="mkey"/>';
echo "<input name=\"see\" type=\"submit\" value=\"See\" onclick=\"a=document.getElementById('selected_user') ; return derive_mkey(a.options[a.selectedIndex].value, 'see_password') ;\"/>" . "\n";
echo "<input name=\"see\" type=\"submit\" value=\"See\" onclick=\"if (document.getElementById('see_password').value == '') return true; a=document.getElementById('selected_user') ; return derive_mkey(a.options[a.selectedIndex].value, 'see_password') ;\"/>" . "\n";
}
?>
</form>