Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Database error when creating new users or modifying passwords in usermgr.php  (Read 3398 times)

0 Members and 1 Guest are viewing this topic.

Casper

  • VIP
  • Coppermine addict
  • ***
  • Country: 00
  • Offline Offline
  • Gender: Male
  • Posts: 5231

Fresh install, standalone 1.4.1 checkout less than 1 hour ago.

You can create new users, but only if you leave the password field blank. If you do leave it blank, the new user cannot log in.

You cannot edit passwords in usermgr.php.

As a new install, this has the password encrypted.

db error is;

Quote
While executing query "UPDATE cpg140_users SET user_name = 'Pat', user_email = 'patzscott@rogers.com', user_active = 'YES', user_group = '1', user_profile1 = '', user_profile2 = '', user_profile3 = '', user_profile4 = '', user_profile5 = '', user_profile6 = '', user_group_list = '2'81069b209152545c2c3a86aa40f60699 WHERE user_id = '3'" on 0

mySQL error: You have an error in your SQL syntax.  Check the manual that corresponds to your MySQL server version for the right syntax to use near '81069b209152545c2c3a86aa40f60699 WHERE user_id = '3'' at line 1

I believe it to be related to this code, which I don't know how to change;

Code: [Select]
if (strlen($user_password)) $sql_update .= ", user_password = '".($CONFIG['enable_encrypted_passwords'])?md5($user_password):$user_password."'";
    $sql_update .= " WHERE user_id = '$user_id'";
« Last Edit: February 18, 2005, 08:57:30 am by GauGau »
Logged
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

Nibbler

  • Guest

It needs an extra set of brackets around it, so it looks like this:

Code: [Select]
.(($CONFIG['enable_encrypted_passwords'])?md5($user_password):$user_password).
Logged

Casper

  • VIP
  • Coppermine addict
  • ***
  • Country: 00
  • Offline Offline
  • Gender: Male
  • Posts: 5231

Yep, works fine now thanks Nibbler.

Will commit shortly.
Logged
It has been a long time now since I did my little bit here, and have done no coding or any other such stuff since. I'm back to being a noob here

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de

confirming fix, marking as "fixed".

Joachim
Logged
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 19 queries.