News:

CPG Release 1.6.29
During HTML5 upload, keep pseudo blank code 200 messages from triggering error condition
added Russian language
correct failure to use theme menu icons in album manager
minor vulnerabilities mitigation

Main Menu

register.php -> Line "'{PASSWORD}' => $password," must be removed

Started by Makc666, June 03, 2008, 12:10:53 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Makc666

June 03, 2008, 12:10:53 PM
According to this topic -> http://coppermine-gallery.com/forum/index.php/topic,41910.0.html

File:
register.php

Code:
Code Select
                        $template_vars = array(
                         '{SITE_LINK}' => $site_link,
                         '{USER_NAME}' => $user_name,
                         '{PASSWORD}' => $password,
                         '{SITE_NAME}' => $CONFIG['gallery_name'],
                                );

Line:
Code Select
'{PASSWORD}' => $password,

Must be removed for security reasons.

As if now some one will enter {PASSWORD} to any language file into section
Code Select
$lang_register_activated_email = <<<EOT
the user will receive his password's hash in email.
Print
Go Up Pages1
User actions