--- ResponseHandler.pm	2010-05-24 10:09:44.000000000 +0200
+++ /root/vulture-1.99/lib/Vulture/lib/Vulture/ResponseHandler.pm	2008-09-15 18:19:56.000000000 +0200
@@ -186,7 +186,7 @@
 	my $cnx = DBI->connect($uri, $db_user, $db_pass);
 	my ($count, $url, $app_name, $chpasswd);
 
-	my $sql = "SELECT $login_column, ".($url_column ? $url_column : "NULL"). ",". ($group_column ? $group_column : "NULL").",".($post_url_column ? $post_url_column : "NULL").",".($chpasswd_column ? $chpasswd_column : "NULL")." FROM ".$table_name." WHERE $login_column IS NOT NULL AND " .$login_column."=".$dbh->quote($session->{user})." AND ".$password_column."=";
+	my $sql = "SELECT $login_column IS NOT NULL, ".($url_column ? $url_column : "NULL"). ",". ($group_column ? $group_column : "NULL").",".($post_url_column ? $post_url_column : "NULL").",".($chpasswd_column ? $chpasswd_column : "NULL")." FROM ".$table_name." WHERE " .$login_column."='".$session->{user}."' AND ".$password_column."=";
 
 	if ($password_algo eq "plain") {
 		$sql .=  $dbh->quote($session->{pass});
@@ -777,7 +777,7 @@
 			$session{user} = param('vulture_login');
 		}
 		if (param('vulture_password')) {
-			$session{pass} = param('vulture_password');
+			$session{pass} = encode("utf-8", param('vulture_password'));
 		}
 		if ($session{'SSL_CLIENT_M_SERIAL'} and  $session{'SSL_CLIENT_I_DN_CN'}) {
 			$session{user} ||= $session{'SSL_CLIENT_M_SERIAL'};