Traq > Tickets > Ticket #199

Opened 1 year ago

Last updated 1 year ago

Usercp changes password to hash of email (Ticket #199)

Reported by SteveK
Assigned to
Type Defect
Priority High
Severity Normal
Component Users
Milestone 2.2
Version 2.1.1
Status Fixed
Percent 0%

Description

If a user changes their password, it would change it to the sha1 hash of their email address. In handlers/user.php, on line 108: $password = “, password=’”.$db->res(sha1($_POST[‘email’])).”’”; Should be $_POST[‘new_password’]

Attachments

Ticket History

1 year and 3 months ago by Jack

  • Closed ticket as Fixed

1 year and 3 months ago by SteveK

  • Opened Ticket