From c7205ea705797dd1ad27dc5ae7e87d4e98169801 Mon Sep 17 00:00:00 2001
From: Michael Vogel <icarus@dabo.de>
Date: Sun, 25 Oct 2015 10:17:23 +0100
Subject: [PATCH] Bugfix: Authorization at ejabberd only worked for uid=1

---
 include/auth_ejabberd.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/auth_ejabberd.php b/include/auth_ejabberd.php
index 5d69f1de7f..9a9d9accad 100755
--- a/include/auth_ejabberd.php
+++ b/include/auth_ejabberd.php
@@ -140,6 +140,7 @@ class exAuth
 								$sQuery = "SELECT `uid`, `password` FROM `user` WHERE `nickname`='". $db->escape($sUser) ."'";
 								$this->writeDebugLog("[debug] using query ". $sQuery);
 								if ($oResult = q($sQuery)){
+									$uid = $oResult[0]["uid"];
 									$Error = ($oResult[0]["password"] != hash('whirlpool',$aCommand[3]));
 /*
 									if ($oResult[0]["password"] == hash('whirlpool',$aCommand[3])) {
@@ -156,9 +157,10 @@ class exAuth
 								} else {
 									$this->writeLog("[MySQL] invalid query: ". $sQuery);
 									$Error = true;
+									$uid = -1;
 								}
 								if ($Error) {
-									$oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid`=1 AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;");
+									$oConfig = q("SELECT `v` FROM `pconfig` WHERE `uid`=%d AND `cat` = 'xmpp' AND `k`='password' LIMIT 1;", intval($uid));
 									$this->writeLog("[exAuth] got password ".$oConfig[0]["v"]);
 									$Error = ($aCommand[3] != $oConfig[0]["v"]);
 								}