Password change allows the repeated entry to be blank

RESOLVED DUPLICATE of bug 123077

Status

()

Bugzilla
User Accounts
--
major
RESOLVED DUPLICATE of bug 123077
15 years ago
5 years ago

People

(Reporter: bbaetz, Assigned: myk)

Tracking

Details

(Reporter)

Description

15 years ago
(Not a very good summary, but I couldn't come up with anything better)

If you do a password change, you get a form asking you to enter your password
twice. If you leave the matchpassword blank, then the request goes through anyway.

This is because we're mixing |defined| (in token.cgi) and |if ($foo)| (in
ValidatePassword).

Since we don't allow blank passwords, we should probbaly just take any truth
value for |chgpw|.
(Reporter)

Updated

15 years ago
Summary: Password change allows the repeated entry to be blank. → Password change allows the repeated entry to be blank
Target Milestone: --- → Bugzilla 2.18

*** This bug has been marked as a duplicate of 123077 ***
Status: NEW → RESOLVED
Last Resolved: 15 years ago
Resolution: --- → DUPLICATE
Target Milestone: Bugzilla 2.18 → ---
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.