diff options
| author | Andreas Fischer <bantu@phpbb.com> | 2012-09-08 15:02:06 +0200 |
|---|---|---|
| committer | Andreas Fischer <bantu@phpbb.com> | 2012-09-09 21:10:29 +0200 |
| commit | 73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef (patch) | |
| tree | e8fae97924b475ab272b8a639199ed10c17a5c32 | |
| parent | 1e05fd4c627d23b7756796c5acac27d2562a8607 (diff) | |
| download | forums-73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef.tar forums-73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef.tar.gz forums-73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef.tar.bz2 forums-73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef.tar.xz forums-73a75fc3d387f8d923186c5c04b1ca7bc6cda4ef.zip | |
[ticket/8713] Revert changes to ucp_profile, ucp_register and acp_users.
Currently only auth_db is supported there and the password needs to be trimmed
for compatibility because user_password stores
phpbb_hash(htmlspecialchars(trim($password)))
Setting passwords for other auth modules is currently not supported.
Once setting/changing passwords is supported by auth plugins, the
untrimmed_variable() should be used here and the result should be passed
to the auth plugin.
PHPBB3-8713
| -rw-r--r-- | phpBB/includes/acp/acp_users.php | 4 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_profile.php | 6 | ||||
| -rw-r--r-- | phpBB/includes/ucp/ucp_register.php | 4 |
3 files changed, 7 insertions, 7 deletions
diff --git a/phpBB/includes/acp/acp_users.php b/phpBB/includes/acp/acp_users.php index 2905b84d57..985a12d9ce 100644 --- a/phpBB/includes/acp/acp_users.php +++ b/phpBB/includes/acp/acp_users.php @@ -770,8 +770,8 @@ class acp_users 'username' => utf8_normalize_nfc(request_var('user', $user_row['username'], true)), 'user_founder' => request_var('user_founder', ($user_row['user_type'] == USER_FOUNDER) ? 1 : 0), 'email' => strtolower(request_var('user_email', $user_row['user_email'])), - 'new_password' => $request->untrimmed_variable('new_password', '', true), - 'password_confirm' => $request->untrimmed_variable('password_confirm', '', true), + 'new_password' => $request->variable('new_password', '', true), + 'password_confirm' => $request->variable('password_confirm', '', true), ); // Validation data - we do not check the password complexity setting here diff --git a/phpBB/includes/ucp/ucp_profile.php b/phpBB/includes/ucp/ucp_profile.php index db1e3e4722..89bf20a30f 100644 --- a/phpBB/includes/ucp/ucp_profile.php +++ b/phpBB/includes/ucp/ucp_profile.php @@ -46,9 +46,9 @@ class ucp_profile $data = array( 'username' => utf8_normalize_nfc(request_var('username', $user->data['username'], true)), 'email' => strtolower(request_var('email', $user->data['user_email'])), - 'new_password' => $request->untrimmed_variable('new_password', '', true), - 'cur_password' => $request->untrimmed_variable('cur_password', '', true), - 'password_confirm' => $request->untrimmed_variable('password_confirm', '', true), + 'new_password' => $request->variable('new_password', '', true), + 'cur_password' => $request->variable('cur_password', '', true), + 'password_confirm' => $request->variable('password_confirm', '', true), ); add_form_key('ucp_reg_details'); diff --git a/phpBB/includes/ucp/ucp_register.php b/phpBB/includes/ucp/ucp_register.php index 5ae92a5cea..c57aec00a0 100644 --- a/phpBB/includes/ucp/ucp_register.php +++ b/phpBB/includes/ucp/ucp_register.php @@ -170,8 +170,8 @@ class ucp_register $data = array( 'username' => utf8_normalize_nfc(request_var('username', '', true)), - 'new_password' => $request->untrimmed_variable('new_password', '', true), - 'password_confirm' => $request->untrimmed_variable('password_confirm', '', true), + 'new_password' => $request->variable('new_password', '', true), + 'password_confirm' => $request->variable('password_confirm', '', true), 'email' => strtolower(request_var('email', '')), 'lang' => basename(request_var('lang', $user->lang_name)), 'tz' => request_var('tz', $timezone), |