user update "won't" ignore password field user update "won't" ignore password field
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

user update "won't" ignore password field

Started by mcdull, September 23, 2005, 07:34:19 PM

Previous topic - Next topic

0 Members and 2 Guests are viewing this topic.

mcdull

Originally, leaving password field blank would results in ignore the field and updating other values in user updating menu.
However, I just found that the lastest update in CSV won't ignore this field and keep warning "password cannot be less then 2 characters" something like that.
Please take a look...

Thanks

Nibbler

Thankyou for the report.

Old code:

if (strlen($user_password) && strlen($user_password) < 2) cpg_die(ERROR,$lang_register_php['err_password_short'], __FILE__, __LINE__);

Code changed by djmaze for utf stuff:

if (utf_strlen($user_password) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);

Newly comitted fix:

if ($user_password && utf_strlen($user_password) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);