Advanced search  


cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.

Pages: [1]   Go Down

Author Topic: user update "won't" ignore password field  (Read 4200 times)

0 Members and 1 Guest are viewing this topic.


  • Coppermine newbie
  • Offline Offline
  • Posts: 1
user update "won't" ignore password field
« on: September 23, 2005, 07:34:19 pm »

Originally, leaving password field blank would results in ignore the field and updating other values in user updating menu.
However, I just found that the lastest update in CSV won't ignore this field and keep warning "password cannot be less then 2 characters" something like that.
Please take a look...

« Last Edit: October 17, 2005, 08:05:24 am by GauGau »


  • Guest
Re: user update "won't" ignore password field
« Reply #1 on: September 23, 2005, 08:55:43 pm »

Thankyou for the report.

Old code:

Code: [Select]
if (strlen($user_password) && strlen($user_password) < 2) cpg_die(ERROR,$lang_register_php['err_password_short'], __FILE__, __LINE__);
Code changed by djmaze for utf stuff:

Code: [Select]
if (utf_strlen($user_password) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);
Newly comitted fix:

Code: [Select]
if ($user_password && utf_strlen($user_password) < 2) cpg_die(ERROR, $lang_register_php['err_password_short'], __FILE__, __LINE__);
Pages: [1]   Go Up

Page created in 0.017 seconds with 18 queries.