X-Git-Url: https://git.ucc.asn.au/?a=blobdiff_plain;ds=sidebyside;f=server%2Flogin.c;h=2aa702d65fac384fdf8bc9e2f3afb86b4d061d70;hb=e2c333035c595ef6e48ff66d46a811ca17f97a26;hp=a616af2c0a4ab627987a2edbb2bc9e91be47c60a;hpb=29cdd749c2c6c87a23287a398035a103086aa224;p=matches%2FMCTX3420.git

diff --git a/server/login.c b/server/login.c
index a616af2..2aa702d 100644
--- a/server/login.c
+++ b/server/login.c
@@ -168,9 +168,8 @@ void Login_Handler(FCGIContext * context, char * params)
 		return;
 	}
 
-	char * user = ""; // The username supplied through CGI
-	char * pass = ""; // The password supplied through CGI
-						//TODO: Make sure these are passed through HTTPS, *not* HTTP .... otherwise people can eavesdrop on the passwords
+	char * user; // The username supplied through CGI
+	char * pass; // The password supplied through CGI
 
 	FCGIValue values[] = {
 		{"user", &user, FCGI_REQUIRED(FCGI_STRING_T)},
@@ -191,17 +190,14 @@ void Login_Handler(FCGIContext * context, char * params)
 		return;
 	}
 
-
-	// Trim leading whitespace (the BUFSIZ check is to make sure incorrectly terminated strings don't cause an infinite loop)
+	// Trim leading whitespace
 	int i = 0;
-	for (i = 0; i < BUFSIZ && isspace(user[0]) && user[0] != '\0'; ++i,++user);
+	for (i = 0; isspace(user[0]) && user[0] != '\0'; ++i, ++user);
 
 	// Truncate string at first non alphanumeric character
-	for (i = 0; i < BUFSIZ && isalnum(user[i]) && user[i] != '\0'; ++i);
+	for (i = 0; isalnum(user[i]) && user[i] != '\0'; ++i);
 	user[i] = '\0';
 
-
-
 	
 	bool authenticated = true;
 	
@@ -260,5 +256,5 @@ void Login_Handler(FCGIContext * context, char * params)
 	// Give the user a cookie
 	FCGI_PrintRaw("Content-type: text\r\n");
 	FCGI_PrintRaw("Set-Cookie: %s\r\n\r\n", context->control_key);
-	
+	FCGI_PrintRaw("Logged in");
 }