X-Git-Url: http://wagnertech.de/gitweb/gitweb.cgi/timetracker.git/blobdiff_plain/7faef0e6d81444ad3ae10d1a2ce62fa753c80a9f..04565403a39edd462f6f7d2ef737366cdc40acf1:/WEB-INF/lib/auth/Auth_db.class.php

diff --git a/WEB-INF/lib/auth/Auth_db.class.php b/WEB-INF/lib/auth/Auth_db.class.php
index c380330c..a3885fb6 100644
--- a/WEB-INF/lib/auth/Auth_db.class.php
+++ b/WEB-INF/lib/auth/Auth_db.class.php
@@ -55,31 +55,6 @@ class Auth_db extends Auth {
     $val = $res->fetchRow();
     if ($val['id'] > 0) {
       return array('login'=>$login,'id'=>$val['id']);
-    } else {
-
-      // If the OLD_PASSWORDS option is defined - set it.
-      if (isTrue(OLD_PASSWORDS)) {
-        $sql = "SET SESSION old_passwords = 1";
-        $res = $mdb2->query($sql);
-        if (is_a($res, 'PEAR_Error')) {
-          die($res->getMessage());
-        }
-      }
-
-      // Try legacy password match. This is needed for compatibility with older versions of TT.
-      $sql = "SELECT id FROM tt_users
-        WHERE login = ".$mdb2->quote($login)." AND password = old_password(".$mdb2->quote($password).") AND status = 1";
-      $res = $mdb2->query($sql);
-      if (is_a($res, 'PEAR_Error')) {
-        return false; // Simply return false for a meaningful error message on screen, see the comment below.
-        // die($res->getMessage()); // old_password() function is removed in MySQL 5.7.5.
-                                    // We are getting a confusing "MDB2 Error: not found" in this case if we die.
-        // TODO: perhaps it's time to simplify things and remove handling of old passwords completely.
-      }
-      $val = $res->fetchRow();
-      if ($val['id'] > 0) {
-        return array('login'=>$login,'id'=>$val['id']);
-      }
     }
 
     // Special handling for admin@localhost - search for an account with admin role with a matching password.