sherif.fathy · sherif.fathy · commit b73e51607c72 · 2012-04-24T16:18:15.000Z
git-svn-id: http://webgoat.googlecode.com/svn/trunk@456 4033779f-a91e-0410-96ef-6bf7bf53c507
diff --git a/webgoat/src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java b/webgoat/src/main/java/org/owasp/webgoat/lessons/LogSpoofing.java
@@ -58,6 +58,7 @@ public class LogSpoofing extends LessonAdapter
 	private static final String USERNAME = "username";
 
 	private static final String PASSWORD = "password";
+	
 
 	public final static A MAC_LOGO = new A().setHref("http://www.softwaresecured.com").addElement(new IMG("images/logos/softwaresecured.gif").setAlt("Software Secured").setBorder(0).setHspace(0).setVspace(0));
 	
@@ -94,6 +95,7 @@ protected Element createContent(WebSession s)
 			ec.addElement(t);
 
 			inputUsername = new String(s.getParser().getRawParameter(USERNAME, ""));
+			
 			if (inputUsername.length() != 0)
 			{
 				inputUsername = URLDecoder.decode(inputUsername, "UTF-8");
@@ -107,13 +109,10 @@ protected Element createContent(WebSession s)
 
 			t2.addElement(row4);
 
-			ec.addElement(t2);
-
-			if (inputUsername.length() != 0
-					&& inputUsername.toUpperCase().indexOf(
-															System.getProperty("line.separator")
-																	+ WebGoatI18N.get("LoginSucceededForUserName")+":") >= 0)
-			{
+			ec.addElement(t2);			
+					
+			if (inputUsername.length() > 0 && inputUsername.indexOf('\n') >= 0 && inputUsername.indexOf('\n') >= 0)
+			{				
 				makeSuccess(s);
 			}
 		} catch (UnsupportedEncodingException e)
