0.6.3

* fix login, password length was not checked #852
2 years ago · c7060e40ff
3 changed files with 11 additions and 6 deletions
--- a/src/CHANGES.md
+++ b/src/CHANGES.md
@ -1,5 +1,8 @@
 # Development Changes

+## 0.6.3 - 2023-04-04
+* fix login, password length was not checked #852
+
 ## 0.6.2 - 2023-04-04
 * fix login from multiple clients #819
 * fix login screen on small displays
--- a/src/defines.h
+++ b/src/defines.h
@ -13,7 +13,7 @@
 //-------------------------------------
 #define VERSION_MAJOR       0
 #define VERSION_MINOR       6
-#define VERSION_PATCH       2
+#define VERSION_PATCH       3

 //-------------------------------------
 typedef struct {
--- a/src/web/web.h
+++ b/src/web/web.h
@ -130,11 +130,13 @@ class Web {
            bool prot;
            prot = mProtected;
            if(!prot) {
-                uint8_t ip[4];
-                ah::ip2Arr(ip, request->client()->remoteIP().toString().c_str());
-                for(uint8_t i = 0; i < 4; i++) {
-                    if(mLoginIp[i] != ip[i])
-                        prot = true;
+                if(strlen(mConfig->sys.adminPwd) > 0) {
+                    uint8_t ip[4];
+                    ah::ip2Arr(ip, request->client()->remoteIP().toString().c_str());
+                    for(uint8_t i = 0; i < 4; i++) {
+                        if(mLoginIp[i] != ip[i])
+                            prot = true;
+                    }
                }
            }