Fix for HTML-encoded special characters in passwords.

Auth.pm

@@ -35,6 +35,8 @@ package Auth;
 use strict;
 use base qw(SystemModule);
 
+use HTML::Entities;
+
 # Custom module imports
 use AuthMethods;
 
@@ -215,6 +217,9 @@ sub valid_user {
     my $valid      = 0;
     my $methodimpl;
 
+    # clean up the password
+    $password = decode_entities($password);
+
     $self -> clear_error();
 
     # Is the user disabled?