register.php -> Line "'{PASSWORD}' => $password," must be removed register.php -> Line "'{PASSWORD}' => $password," must be removed
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

register.php -> Line "'{PASSWORD}' => $password," must be removed

Started by Makc666, June 03, 2008, 12:10:53 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Makc666

June 03, 2008, 12:10:53 PM
According to this topic -> http://forum.coppermine-gallery.net/index.php/topic,41910.0.html

File:
register.php

Code:
Code Select
                        $template_vars = array(
                         '{SITE_LINK}' => $site_link,
                         '{USER_NAME}' => $user_name,
                         '{PASSWORD}' => $password,
                         '{SITE_NAME}' => $CONFIG['gallery_name'],
                                );

Line:
Code Select
'{PASSWORD}' => $password,

Must be removed for security reasons.

As if now some one will enter {PASSWORD} to any language file into section
Code Select
$lang_register_activated_email = <<<EOT
the user will receive his password's hash in email.
Print
Go Up Pages1
User actions