View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000374 | Main CAcert Website | website content | public | 2006-12-19 06:35 | 2013-01-14 21:03 |
| Reporter | gaofi | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2006 | ||||
| Summary | 0000374: thawte verification wiki | ||||
| Description | There should be a note saying that you can NOT use single-quote characters (and possibly others) in you password if you want the process to function correctly. If your passwor includes single-quotes, you end up with a "I'm sorry, I couldn't match your login details to your certificate to an account on this system.", with no reference to the password field itself ! | ||||
| Tags | No tags attached. | ||||
| Reviewed by | |||||
| Test Instructions | |||||
|
|
Duane, FYI, this was not a duplicate. I posted two different bugs to address both the code bug, and the wiki...on request by philipp gühring. Anyway, this is now a nearly solved bug, as I sent him the following patch, wiche solves the issue : diff -ur cacert.orig/tverify/index.php cacert.patched/tverify/index.php --- cacert.orig/tverify/index.php 2006-08-13 02:49:44.000000000 +0200 +++ cacert.patched/tverify/index.php 2006-12-18 23:14:45.000000000 +0100 @@ -47,7 +47,7 @@ if($id == 1) { $email = mysql_escape_string($_REQUEST["email"]); - $password = mysql_escape_string($_REQUEST["pword"]); + $password = mysql_escape_string(stripslashes(trim($_REQUEST["pword"]))); $URL = mysql_escape_string($_REQUEST["notaryURL"]); $CN = mysql_escape_string($_SESSION['_config']['CN']); $memid = mysql_escape_string($_SESSION['_config']['uid']); |
|
|
patch applied. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2006-12-19 06:35 | gaofi | New Issue | |
| 2006-12-19 10:36 | gaofi | Note Added: 0000759 | |
| 2006-12-19 10:41 | gaofi | Note Edited: 0000759 | |
| 2006-12-20 10:23 | duane | Status | new => solved? |
| 2006-12-20 10:23 | duane | Resolution | open => fixed |
| 2006-12-20 10:23 | duane | Assigned To | => duane |
| 2006-12-20 10:23 | duane | Note Added: 0000760 | |
| 2007-10-24 05:53 | evaldo | Assigned To | duane => |
| 2007-10-24 05:53 | evaldo | Status | solved? => closed |
| 2013-01-14 21:03 | Werner Dworak | Fixed in Version | => 2006 |
