[TYPO3-core] RFC: Bug #12517: Password change in User tools -> User setup impossible if rsaauth and saltedpassword are installed

Oliver Hader oliver at typo3.org
Tue Nov 17 17:37:48 CET 2009


FYI: Committed to SVN Trunk (rev. 6452)

olly

Oliver Hader schrieb:
> This is an SVN patch request.
> 
> Type: Bugfix
> 
> Bugtracker references:
> http://bugs.typo3.org/view.php?id=12517
> 
> Branches: Trunk
> 
> Problem:
> With SaltedPasswords installed and changing the password in the User
> Settings module, it tells that the password was changed. However, no
> data was really written to the database and the old password still remains.
> 
> Solution:
> The User Settings module calls the TCEmain hooks directly and delivers
> that for storing to TCEmain again - thus, the hooks get called twice and
> results in non-changed value in the database.
> Calling the TCEmain hooks was removed from the User Settings module.
> Besides that there was a hardcoded check agains a stored password with
> the length of 32 characters (thus MD5) - I could not figure out why this
> is still required - it was integrated in rev. 347 when that module was
> integrated to the Core.
> 
> Notes:
> I'm going to do some more cleanup when this patch was accepted.
> 
> olly
-- 
Oliver Hader
TYPO3 Release Manager 4.3


More information about the TYPO3-team-core mailing list