diff --git a/functions.inc.php b/functions.inc.php index 368467ab..728da3a8 100644 --- a/functions.inc.php +++ b/functions.inc.php @@ -2091,8 +2091,6 @@ function table_by_key($table_key) { $table = $CONF['database_prefix'] . $table; if (db_mysql()) { - // try and ensure we don't get ``table`` ? - $table = preg_replace('/`/', '', $table); return "`" . $table . "`"; } diff --git a/model/Login.php b/model/Login.php index 8d637a6d..5a9ae8fe 100644 --- a/model/Login.php +++ b/model/Login.php @@ -1,6 +1,7 @@ table = table_by_key($tableName); + $this->table = $tableName; + $this->key_table = table_by_key($tableName); } /** @@ -21,7 +23,7 @@ class Login { */ public function login($username, $password): bool { $active = db_get_boolean(true); - $query = "SELECT password FROM {$this->table} WHERE username = :username AND active = :active"; + $query = "SELECT password FROM {$this->key_table} WHERE username = :username AND active = :active"; $values = array('username' => $username, 'active' => $active); @@ -60,7 +62,7 @@ class Login { * @throws Exception */ public function generatePasswordRecoveryCode(string $username) { - $sql = "SELECT count(1) FROM {$this->table} WHERE username = :username AND active = :active"; + $sql = "SELECT count(1) FROM {$this->key_table} WHERE username = :username AND active = :active"; $active = db_get_boolean(true); @@ -108,7 +110,7 @@ class Login { 'password' => pacrypt($new_password), ); - $result = db_update('mailbox', 'username', $username, $set); + $result = db_update($this->key_table, 'username', $username, $set); if ($result != 1) { db_log($domain, 'edit_password', "FAILURE: " . $username);