summaryrefslogtreecommitdiff
path: root/LedgerSMB
diff options
context:
space:
mode:
Diffstat (limited to 'LedgerSMB')
-rwxr-xr-xLedgerSMB/Session.pm4
1 files changed, 2 insertions, 2 deletions
diff --git a/LedgerSMB/Session.pm b/LedgerSMB/Session.pm
index d287d199..902e67c4 100755
--- a/LedgerSMB/Session.pm
+++ b/LedgerSMB/Session.pm
@@ -53,7 +53,7 @@ sub session_check {
my ($sessionLogin) = $checkQuery->fetchrow_array;
my $login = $form->{login};
- $login =~ s/[^a-zA-Z0-9@.-]//g;
+ $login =~ s/[^a-zA-Z0-9@_.-]//g;
if($sessionLogin eq $login){
$updateAge->execute($sessionid) || $form->dberror('Updating session age: ');
@@ -94,7 +94,7 @@ sub session_create {
# this is assuming that $form->{login} is safe, which might be a bad assumption
# so, I'm going to remove some chars, which might make previously valid logins invalid
my $login = $form->{login};
- $login =~ s/[^a-zA-Z0-9@.-]//g;
+ $login =~ s/[^a-zA-Z0-9@._-]//g;
#delete any existing stale sessions with this login if they exist
if (!$myconfig{timeout}){