Merge commit 'upstream/master'

author: Romain LE DISEZ <romain.git@ledisez.net> 2009-07-16 17:31:20 +0200
committer: Romain LE DISEZ <romain.git@ledisez.net> 2009-07-16 17:31:20 +0200
commit: 7f5030ac208c30a7dc576a57cd9e665022ccbde5 (patch)
tree: 6b23e78aa8cc2dd363def46e083217e3c9b52f1b /modules/user/controllers/login.php
parent: 923732ca4dca6db218f6252a7133cd72f98fa086 (diff)
parent: 85b0f580291e375a2c5ec21b8210e59023ee24c2 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php
index 54a7905e..4d901051 100644
--- a/modules/user/controllers/login.php
+++ b/modules/user/controllers/login.php
@@ -62,7 +62,8 @@ class Login_Controller extends Controller {
       if (!$user->loaded || !user::is_correct_password($user, $form->login->password->value)) {
         log::warning(
           "user",
-          t("Failed login for %name", array("name" => $form->login->inputs["name"]->value)));
+          t("Failed login for %name",
+            array("name" => p::clean($form->login->inputs["name"]->value))));
         $form->login->inputs["name"]->add_error("invalid_login", 1);
         $valid = false;
       }
@@ -70,7 +71,7 @@ class Login_Controller extends Controller {
 
     if ($valid) {
       user::login($user);
-      log::info("user", t("User %name logged in", array("name" => $user->name)));
+      log::info("user", t("User %name logged in", array("name" => p::clean($user->name))));
     }
 
     // Either way, regenerate the session id to avoid session trapping
author	Romain LE DISEZ <romain.git@ledisez.net>	2009-07-16 17:31:20 +0200
committer	Romain LE DISEZ <romain.git@ledisez.net>	2009-07-16 17:31:20 +0200
commit	7f5030ac208c30a7dc576a57cd9e665022ccbde5 (patch)
tree	6b23e78aa8cc2dd363def46e083217e3c9b52f1b /modules/user/controllers/login.php
parent	923732ca4dca6db218f6252a7133cd72f98fa086 (diff)
parent	85b0f580291e375a2c5ec21b8210e59023ee24c2 (diff)