Author Topic: Possible bug in "reset password" function?  (Read 4554 times)

enigmaticx

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Possible bug in "reset password" function?
« on: January 29, 2006, 04:03:49 am »

When an admin attempts to reset another user's password via usermgr.php, the user is no longer able to log in. Looking at the database itself reveals that the plaintext password has been saved to the database, rather than the md5 hash version of it.

The config value 'enable_encrypted_passwords' is set to 1 in the database. I can see that all existing accounts have their password encrypted in the database.

This applies to cpg1.4.3 - this is not an upgrade from a prior version, but a clean install.
« Last Edit: February 04, 2006, 12:59:12 pm by GauGau »

Nibbler

  • Guest
Re: Possible bug in "reset password" function?
« Reply #1 on: January 29, 2006, 04:29:03 pm »

Unable to replicate, works fine for me.

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Possible bug in "reset password" function?
« Reply #2 on: January 30, 2006, 12:26:35 am »

@enigmaticx: please post a link to your site.

Blueiris

  • VIP
  • Coppermine frequent poster
  • ***
  • Offline Offline
  • Gender: Female
  • Posts: 170
  • Horse poor!
    • Saddlebred World Gallery
Re: Possible bug in "reset password" function?
« Reply #3 on: February 03, 2006, 11:21:26 pm »

@Nibbler: I can confirm that this is a bug. Ran across this issue in testing cpgNG this morning, and reported it in that subforum. Also found it in cpg143 after testing that.

If the admin uses the User manager to reset the passwords for one or more users by checking them in user manager and then using the dropdown box and text entry field at the bottom of the User manager, the password is entered into cpg143_users as plain text, regardless of the setting of enable_encrypted_passwords in cpg143_config.

If enable_encrypted_passwords is set to 1, when the user tries to log in with the new password the login fails.

I think the problem is in delete.php at line 630, where the new password is being set without testing the value of enable_encrypted_passwords.

Quote
    // set this user's password
    $new_password = addslashes($_REQUEST['new_password']);
    cpg_db_query("UPDATE {$CONFIG['TABLE_USERS']} SET user_password = '$new_password' WHERE  user_id = '$key'");
    printf($lang_delete_php['password_reset'], '«'.$_REQUEST['new_password'].'»');
    print '</b></td>';

« Last Edit: February 03, 2006, 11:29:33 pm by Blueiris »
You can lead a horse to water, but you can't make him drink - he's got to discover that it's wet for himself.

Abbas Ali

  • Administrator
  • Coppermine addict
  • *****
  • Country: in
  • Offline Offline
  • Gender: Male
  • Posts: 2165
  • Spread the PHP Web
    • Ranium Systems
Re: Possible bug in "reset password" function?
« Reply #4 on: February 04, 2006, 09:01:40 am »

Confirming the bug. Fixed and committed to stable and devel.

@enigmaticx and Roberta: Thanks.


Abbas
Chief Geek at Ranium Systems
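
Added example, not part of the original thread and not Coppermine's own code or its committed fix: a stand-alone PHP sketch of the behaviour discussed above, showing a flag-aware way to derive the stored value, why a plain-text row fails at login, and a check that finds rows written by the buggy reset. Only `enable_encrypted_passwords` and `user_password` come from the thread; the function names, the `user_name` column, the login comparison and the sample rows are assumptions made for illustration.

```php
<?php
// Added example, not Coppermine code. Only enable_encrypted_passwords and
// user_password come from the thread; every other name is hypothetical.

// Value to write to user_password for a new password, honouring the flag.
function password_for_storage(string $plain, array $config): string
{
    return !empty($config['enable_encrypted_passwords']) ? md5($plain) : $plain;
}

// Assumed login check: the submitted password is hashed when the flag is on.
function login_matches(string $submitted, string $stored, array $config): bool
{
    return hash_equals($stored, password_for_storage($submitted, $config));
}

// Names of users whose stored value is not a 32-character hex md5 digest.
function find_unhashed(array $rows, array $config): array
{
    if (empty($config['enable_encrypted_passwords'])) {
        return []; // plain-text storage is the configured behaviour
    }
    $bad = [];
    foreach ($rows as $row) {
        if (!preg_match('/^[0-9a-f]{32}$/i', $row['user_password'])) {
            $bad[] = $row['user_name'];
        }
    }
    return $bad;
}

$config = ['enable_encrypted_passwords' => 1];

// Constructed rows: alice was stored as a digest, bob was reset as plain text.
$rows = [
    ['user_name' => 'alice', 'user_password' => md5('correct horse')],
    ['user_name' => 'bob',   'user_password' => 'Winter2006'],
];

echo 'unhashed rows: ', implode(', ', find_unhashed($rows, $config)), "\n";
echo 'bob can log in: ', var_export(login_matches('Winter2006', $rows[1]['user_password'], $config), true), "\n";

// Writing the reset through the flag-aware helper stores a digest instead.
$rows[1]['user_password'] = password_for_storage('Winter2006', $config);
echo 'unhashed after reset: ', count(find_unhashed($rows, $config)), "\n";
echo 'bob can log in: ', var_export(login_matches('Winter2006', $rows[1]['user_password'], $config), true), "\n";
```

The shape check cannot tell a digest from a plain-text password that happens to be 32 hex characters, so treat it as a screen for affected accounts rather than proof. md5 is used here only because the thread states that is what cpg1.4.3 stores.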