- SQLrequest req = SQLreq(this, target, databaseid, "SELECT username, password, hostname, type FROM ircd_opers WHERE username = '?' AND password=md5('?')", username, password);
+ /* Reset hash module first back to MD5 standard state */
+ HashResetRequest(this, HashModule).Send();
+ /* Make an MD5 hash of the password for using in the query */
+ std::string md5_pass_hash = HashSumRequest(this, HashModule, password.c_str()).Send();
+
+ /* We generate our own MD5 sum here because some database providers (e.g. SQLite) dont have a builtin md5 function,
+ * also hashing it in the module and only passing a remote query containing a hash is more secure.
+ */
+
+ SQLrequest req = SQLreq(this, target, databaseid, "SELECT username, password, hostname, type FROM ircd_opers WHERE username = '?' AND password='?'", username, md5_pass_hash);