Index: branches/stable/dns.cgi
===================================================================
--- branches/stable/dns.cgi	(revision 263)
+++ branches/stable/dns.cgi	(revision 317)
@@ -217,11 +217,12 @@
   if ($webvar{action} eq 'login') {
     # Snag ACL/permissions here too
-    my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname FROM users WHERE username=?");
+    my $sth = $dbh->prepare("SELECT user_id,group_id,password,firstname,lastname,status FROM users WHERE username=?");
     $sth->execute($webvar{username});
 
-    if (my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array) {
+    if (my ($uid,$gid,$pass,$fname,$lname,$status) = $sth->fetchrow_array) {
       $webvar{password} = '' if !$webvar{password};
-
-      if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
+      if (!$status) {
+	$webvar{loginfailed} = 1;
+      } elsif ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
         # native passwords (crypt-md5)
         $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);