Announcement

**John** · Sat 2 Jun '01, 3:45am

No there is no such known bug.

Do you have $pwdincp=1; in your config.php file? If so, I believe that there was an issue with editing the user's profile from within the admin control panel. I'll look into it.

John

**Unixmad** · Sat 2 Jun '01, 6:08am

Bug in admin user.php

I have found the bug that do blank password:

In admin/user.php when you edit a user with pwdincp=1

Here is the original code:

if ($pwdincp==1) {
makeinputcode("Password<br>Leave blank unless you want to change it","password");
}

and later in the code you have :

if (($pwdincp==1 and $password!="") or $pwdincp==2) {
$pwdinclude=",password='".addslashes($apassword)."'";
}

We see that password is never used to update the password in the UPDATE request, i have corrected the bug with this:

if ($pwdincp==1) {
makeinputcode("Password<br>Leave blank unless you want to change it","apassword");
}

if (($pwdincp==1 and $apassword!="") or $pwdincp==2) {
$pwdinclude=",password='".addslashes($apassword)."'";
}

Announcement

Blank password

Blank password

Comment

Comment

Related Topics