Bug #507

Max password length

Added by Saeed Gholamian over 2 years ago. Updated over 2 years ago.

Status:Closed Start date:10/28/2009
Priority:Normal Due date:
Assignee:Ryan Gordon % Done:

100%
Category:Registration
Target version:1.4.10
Reproducibility:Always Database Type:
Reported In MyBB Version:1.4.9 Database Version:
PHP Version: SQA assignments:
Browser:

Description

Hi,

File: inc/datahandlers/user.php
Lines: 166-177

@ function verify_password() {
global $mybb;

$user = &$this->data;
// Always check for the length of the password.
        if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'])
{
            $this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
            return false;
        }@

This just check minimum password length (and not maximum password length). I think line 173 must be:

if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'] || my_strlen($user['password']) > $mybb->settings['maxpasswordlength'])

Associated revisions

Revision 4494
Added by Ryan Gordon over 2 years ago

Fixes Max password length (fixes:507)

History

#1
Updated by Ryan Gordon over 2 years ago

  • Assignee deleted (Ryan Gordon)

Please do not assign bug reports to specific developers.

#2
Updated by Ryan Gordon over 2 years ago

  • Assignee set to Ryan Gordon
  • Target version set to 1.4.10

#3
Updated by Ryan Gordon over 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Applied in changeset r4494.

#4
Updated by Michael Schlechtinger over 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF