From 6a36c9831f9127aa1f82cb425e60f8e003877eee Mon Sep 17 00:00:00 2001
From: Eugeniy Mikhailov <evgmik@gmail.com>
Date: Sat, 21 Jan 2012 17:35:34 -0500
Subject: AccessGroupRights checks only against user name

---
 GradeBook_lib.tcl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/GradeBook_lib.tcl b/GradeBook_lib.tcl
index 0eeb478..35b8a67 100755
--- a/GradeBook_lib.tcl
+++ b/GradeBook_lib.tcl
@@ -1886,7 +1886,7 @@ proc Authenticate_User { user_requested password } {
 proc AccessGroupRights {db  user password } {
 	dbg "access rights check for user: $user" msg_level_info
 	set PasswordHash [::md5::md5 -hex $password]
-	set eval_str [list SELECT GroupName FROM GradesTable WHERE UserName='$user' AND PasswordHash='$PasswordHash']
+	set eval_str [list SELECT GroupName FROM GradesTable WHERE UserName='$user']
 	db eval $eval_str group_name_array {}
 	if { [ info exist group_name_array(GroupName) ] } {
 		set group $group_name_array(GroupName);
-- 
cgit v1.2.3