Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: [Solved]: When requesting a new password, coppermine sends more than one to users  (Read 7717 times)

0 Members and 1 Guest are viewing this topic.

paquets

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 59

Hi,

I was testing the forgot_passwd.php function on my coppermine installation. Everything works perfectly until I click 'continue' when this message appears:

Quote
Password reminder
An email has been sent to *****@*****.com. Please check your email to complete the process.
CONTINUE

I get the e-mail twice or three times with different passwords in each. One of the passwords does actually work but its confusing for users. Any idea what may be the cause?

Thanks!
« Last Edit: June 26, 2009, 12:43:48 am by Phill Luckhurst »
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de

That's expected behaviour: the "forgot password" feature doesn't look up the old password and send you that (because it can't: the old password isn't stored anywhere - the database only knows the md5-hash of the password, but not the actual password itself), but it creates a new random password and sends you that. Clicking on the "forgot password" several times will trigger the sending of a random password several times. That's expected behaviour and not a mistake, but the way the feature was designed to work. As there is nothing broken, there is nothing to fix.
Logged

paquets

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 59

Thanks for the reply.
The feature works. The problem lies in the fact that I only clicked once on to submit button and got multiple emails with as many different new passwords.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de

Sounds strange - can't replicate. If you think that this is a genuine bug, please post a link to your gallery and a non-admin test user account.
Logged

paquets

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 59

Thanks, I really appreciate the help. Since an e-mail account will be needed to test appropriately, I'll just give you the link to the registration page and you can try filling it from there.

The link http://adpharm.net/register.php

Thanks Again!
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4841
    • Windsurf.me

Please do as Joachim asked and post a test account for us. We will not register for various reasons which I will not go into.
Logged
It is a mistake to think you can solve any major problems just with potatoes.

paquets

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 59

Hi Phill,

Somebody else from the dev team replied yesterday and for some reason the post from that person and my reply are not listed anymore. Bottom line is it worked fine for everyone else. I've since upgraded to CPG 1.4.25 and everything works fine for me too. I know this may not be the right place to ask but there's no info on it anywhere, does anyone know when 1.5 is planned to be released?

Thanks!
Logged

Nibbler

  • Guest

There was an issue with the forum, see http://forum.coppermine-gallery.net/index.php/topic,60323.0.html

There is no info on a 1.5 release date because there is no 1.5 release date yet.
Logged

paquets

  • Coppermine regular visitor
  • **
  • Offline Offline
  • Posts: 59

Thanks Nibbler.
Logged

phill104

  • Administrator
  • Coppermine addict
  • *****
  • Country: gb
  • Offline Offline
  • Gender: Male
  • Posts: 4841
    • Windsurf.me

Glad you have it fixed. I'll mark as solved. You may have already done that yourself but it would have been lost.

Logged
It is a mistake to think you can solve any major problems just with potatoes.
Pages: [1]   Go Up
 

Page created in 0.019 seconds with 20 queries.