Closed Bug 210967 Opened 21 years ago Closed 21 years ago

Password change allows the repeated entry to be blank

Tracking

()

Status:

RESOLVED DUPLICATE of bug 123077

People

(Reporter: bbaetz, Assigned: myk)

Details

Bradley Baetz (:bbaetz)

Reporter

Description

•

21 years ago

(Not a very good summary, but I couldn't come up with anything better)

If you do a password change, you get a form asking you to enter your password
twice. If you leave the matchpassword blank, then the request goes through anyway.

This is because we're mixing |defined| (in token.cgi) and |if ($foo)| (in
ValidatePassword).

Since we don't allow blank passwords, we should probbaly just take any truth
value for |chgpw|.

Bradley Baetz (:bbaetz)

Reporter

Updated

•

21 years ago

Summary: Password change allows the repeated entry to be blank. → Password change allows the repeated entry to be blank

Target Milestone: --- → Bugzilla 2.18

Dave Miller [:justdave]

Comment 1

•

21 years ago


*** This bug has been marked as a duplicate of 123077 ***

Status: NEW → RESOLVED

Closed: 21 years ago

Resolution: --- → DUPLICATE

Dave Miller [:justdave]

Updated

•

21 years ago

Target Milestone: Bugzilla 2.18 → ---

Nobody; OK to take it and work on it

Updated

•

12 years ago

QA Contact: matty_is_a_geek → default-qa

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Password change allows the repeated entry to be blank

Categories

(Bugzilla :: User Accounts, defect)

Tracking

()

People

(Reporter: bbaetz, Assigned: myk)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated

Comment 1

Updated

Updated