aboutsummaryrefslogtreecommitdiff
path: root/wqflask/utility/webqtlUtil.py
diff options
context:
space:
mode:
authorzsloan2015-06-29 10:37:20 -0500
committerzsloan2015-06-29 10:37:20 -0500
commitb8152f98f0d9c2a1ec0d73145a4670153b60a307 (patch)
treef2e419a375b87a361c9288a9defd7bb46fade4b2 /wqflask/utility/webqtlUtil.py
parent1353414114b9595a1b207ae4da28e5e725edc550 (diff)
parenta41f9323ea5b86be6d2139a927586630b222af68 (diff)
downloadgenenetwork2-b8152f98f0d9c2a1ec0d73145a4670153b60a307.tar.gz
Merge pull request #77 from lomereiter/fix_sql
SQL security fixes
Diffstat (limited to 'wqflask/utility/webqtlUtil.py')
-rwxr-xr-xwqflask/utility/webqtlUtil.py16
1 files changed, 0 insertions, 16 deletions
diff --git a/wqflask/utility/webqtlUtil.py b/wqflask/utility/webqtlUtil.py
index 4d7981d9..4b3d0112 100755
--- a/wqflask/utility/webqtlUtil.py
+++ b/wqflask/utility/webqtlUtil.py
@@ -880,22 +880,6 @@ def cmpGenoPos(A,B):
except:
return 0
-#XZhou: Must use "BINARY" to enable case sensitive comparison.
-def authUser(name,password,db, encrypt=None):
- try:
- if encrypt:
- query = 'SELECT privilege, id,name,password, grpName FROM User WHERE name= BINARY \'%s\' and password= BINARY \'%s\'' % (name,password)
- else:
- query = 'SELECT privilege, id,name,password, grpName FROM User WHERE name= BINARY \'%s\' and password= BINARY SHA(\'%s\')' % (name,password)
- db.execute(query)
- records = db.fetchone()
- if not records:
- raise ValueError
- return records#(privilege,id,name,password,grpName)
- except:
- return (None, None, None, None, None)
-
-
def hasAccessToConfidentialPhenotypeTrait(privilege, userName, authorized_users):
access_to_confidential_phenotype_trait = 0
if webqtlConfig.USERDICT[privilege] > webqtlConfig.USERDICT['user']: