[TYPO3-english] sr_feuser_register amd MD5 withtout Javascript
Xavier Perseguers
typo3 at perseguers.ch
Mon Oct 12 15:51:54 CEST 2009
Hi,
> I have a site with sr_feuser_register (2.5.23) and kb_md5fepw (0.4.0).
> Everything works correctly unless a registrant has Javascript disabled.
>
> The issue that every 5-10 registrations the password is not saved as an
> MD5 hash, but in plain text.
> Obviously the user is then not able to log in and complains.
> The reason seems to be that the password given during registration is
> changed to MD5 via JavaScript - which is turned off now and then - and
> therefore the password is stored wrongly as plain text...
>
> Is there a way to get around this issue?
I guess you could check that password is 32 char and if not assume it
was not hashed and do it in PHP
--
Xavier Perseguers
MVC ExtJS Leader
http://forge.typo3.org/projects/show/extension-mvc_extjs
More information about the TYPO3-english
mailing list