mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-08-16 13:44:12 +02:00
Code Issues Releases Wiki Activity

[ticket/8713] Revert changes to ucp_profile, ucp_register and acp_users.

Browse Source 
Currently only auth_db is supported there and the password needs to be trimmed
for compatibility because user_password stores

  phpbb_hash(htmlspecialchars(trim($password)))

Setting passwords for other auth modules is currently not supported.

Once setting/changing passwords is supported by auth plugins, the
untrimmed_variable() should be used here and the result should be passed
to the auth plugin.

PHPBB3-8713
This commit is contained in:
Andreas Fischer
2012-09-08 15:02:06 +02:00
parent 1e05fd4c62
commit 73a75fc3d3
3 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
phpBB/includes/acp/acp_users.php
View File

@@ -770,8 +770,8 @@ class acp_users
'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)),
'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0),
'email' => strtolower(request_var('user_email', $user_row['user_email'])),
'new_password' => $request->untrimmed_variable('new_password', '', true),
'password_confirm' => $request->untrimmed_variable('password_confirm', '', true),
'new_password' => $request->variable('new_password', '', true),
'password_confirm' => $request->variable('password_confirm', '', true),
);
// Validation data - we do not check the password complexity setting here