Before:
CREATE PROCEDURE RadGetUser @user VARCHAR(64) , @password VARCHAR(32) AS
SELECT sa.AccountID, sa.Login, sa.Password, NULL, sa.AccountType,
sa.LoginLimit, sa.TimeLeft,
MasterExpire=DateAdd(Day, ma.Extension+ma.OverDue+1, maExpireDate),
SubExpire=DateAdd(Day, sa.Extension+1, saExpireDate)
FROM SubAccounts sa, MasterAccounts ma
WHERE sa.CustomerID = ma.CustomerID
AND sa.Active <> 0
AND ma.Active <> 0
AND sa.Login = @user
AND sa.Password = @password
Now:
CREATE PROCEDURE RadGetUser @user VARCHAR(64) , @password VARCHAR(32) AS
SELECT sa.AccountID, sa.Login, sa.Password, NULL, sa.AccountType,
sa.LoginLimit
FROM SubAccounts sa, MasterAccounts ma
WHERE sa.CustomerID = ma.CustomerID
AND sa.Active <> 0
AND ma.Active <> 0
AND sa.Login = @user
AND sa.Password = @password
I removed the sections with ExpireDate verification, since we don't need
that, but the server still runs the same SQL when verifing users. That is
CREATE PROCEDURE RadGetUser @user VARCHAR(64) , @password VARCHAR(32) AS
SELECT sa.AccountID, sa.Login, sa.Password, NULL, sa.AccountType,
sa.LoginLimit, sa.TimeLeft,
MasterExpire=DateAdd(Day, ma.Extension+ma.OverDue+1, maExpireDate),
SubExpire=DateAdd(Day, sa.Extension+1, saExpireDate)
FROM SubAccounts sa, MasterAccounts ma
WHERE sa.CustomerID = ma.CustomerID
AND sa.Active <> 0
AND ma.Active <> 0
AND sa.Login = @user
AND sa.Password = @password
Is the SQL code "HardCoded" into RadiusNT ?
Nicolaj Ottsen
Tjantik
For more information about this list (including removal) go to:
http://www.iea-software.com/support/maillists/liststart