View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000374 | Main CAcert Website | website content | public | 2006-12-19 06:35 | 2013-01-14 21:03 |
Reporter | gaofi | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Fixed in Version | 2006 | ||||
Summary | 0000374: thawte verification wiki | ||||
Description | There should be a note saying that you can NOT use single-quote characters (and possibly others) in you password if you want the process to function correctly. If your passwor includes single-quotes, you end up with a "I'm sorry, I couldn't match your login details to your certificate to an account on this system.", with no reference to the password field itself ! | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | |||||
|
Duane, FYI, this was not a duplicate. I posted two different bugs to address both the code bug, and the wiki...on request by philipp gühring. Anyway, this is now a nearly solved bug, as I sent him the following patch, wiche solves the issue : diff -ur cacert.orig/tverify/index.php cacert.patched/tverify/index.php --- cacert.orig/tverify/index.php 2006-08-13 02:49:44.000000000 +0200 +++ cacert.patched/tverify/index.php 2006-12-18 23:14:45.000000000 +0100 @@ -47,7 +47,7 @@ if($id == 1) { $email = mysql_escape_string($_REQUEST["email"]); - $password = mysql_escape_string($_REQUEST["pword"]); + $password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"]))); $URL = mysql_escape_string($_REQUEST["notaryURL"]); $CN = mysql_escape_string($_SESSION['_config']['CN']); $memid = mysql_escape_string($_SESSION['_config']['uid']); |
|
patch applied. |
Date Modified | Username | Field | Change |
---|---|---|---|
2006-12-19 06:35 | gaofi | New Issue | |
2006-12-19 10:36 | gaofi | Note Added: 0000759 | |
2006-12-19 10:41 | gaofi | Note Edited: 0000759 | |
2006-12-20 10:23 | duane | Status | new => solved? |
2006-12-20 10:23 | duane | Resolution | open => fixed |
2006-12-20 10:23 | duane | Assigned To | => duane |
2006-12-20 10:23 | duane | Note Added: 0000760 | |
2007-10-24 05:53 | evaldo | Assigned To | duane => |
2007-10-24 05:53 | evaldo | Status | solved? => closed |
2013-01-14 21:03 | Werner Dworak | Fixed in Version | => 2006 |