Radicore Forum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » RADICORE » How To » passwords
passwords [message #1062] Mon, 20 August 2007 15:11 Go to next message
interop is currently offline  interop
Messages: 45
Registered: October 2006
Member
I'm having a couple problems but related to the same thing.

1. The interface allows you to include the characters deemed invalid by encryption_class (', ", \) when you change your password.

2. I changed a test user's password to testtest\ and testtest' but then couldn't log in due to the sql error produced by: user_password='testtest\' and user_password='testtest''

3. If you change Encrypt Passwords from no to yes in the menu control, the post update record fails when it encounters a password with one of the invalid characters (', ", \) but doesn't return the error to the screen. All passwords processed before the password with the invalid character are encrypted and the rest are not.

version 1.27.0, php5, mysql5

[Updated on: Mon, 20 August 2007 15:32]

Report message to a moderator

Re: passwords [message #1063 is a reply to message #1062] Mon, 20 August 2007 19:16 Go to previous message
AJM is currently offline  AJM
Messages: 2368
Registered: April 2006
Location: Surrey, UK
Senior Member
You forgot to say that you started with 'Password Encryption' set to NO in the control screen.

This is really a bug, so should have been reported as a bug and not a "How to" topic.

I have changed the code so that it will test for invalid characters even when the passwords are not encrypted. Please see attached file.

I will make a more permanent fix later which tests all the password changes before it updates the database.


Previous Topic: Deleting Tasks (Menus and Procs)
Next Topic: CONCAT ((SELECT ...),...) Error
Goto Forum:
  


Current Time: Sun Nov 24 06:50:55 EST 2024

Total time taken to generate the page: 0.01115 seconds