Snitz Forums 2000 - BUG+FIX (3.1SR4) Register with space as password

Snitz Forums 2000

Username:	Password:
Save Password
Forgot your Password?

All Forums

Snitz Forums 2000 DEV-Group

DEV Bug Reports (Closed)

BUG+FIX (3.1SR4) Register with space as password

Forum Locked

Topic Locked

Printer Friendly

Author

Topic

gor
Retired Admin

Netherlands
5511 Posts

Posted - 06 February 2001 : 11:29:17

BUG

Users can set their password to an empty space. This is ofcourse very insecure and should be disallowed.

FIX

in register.asp change line 101 to


	if Trim(Request.Form("Password")) = "" then 
		Err_Msg = Err_Msg &  "<li>You must choose a Password</li>"
	end if

and line 199 to


	strSql = strSql & ", " & "'" & ChkString(Trim(Request.Form("Password")),"password") & "'"

in pop_profile.asp change line 776 and 970 to:


	if Trim(Request.Form("Password")) = "" then 
		Err_Msg = Err_Msg &  "<li>You must choose a Password</li>"
	end if

and line 841 to


	strSql = strSql & " SET M_PASSWORD = '" & ChkString(Trim(Request.Form("Password")),"") & "', "

and line 1023 to


	strSql = strSql & ",    M_PASSWORD = '" & ChkString(Trim(Request.Form("Password")),"") & "'"

Pierre

Reinsnitz
Snitz Forums Admin

USA
3545 Posts

Posted - 17 February 2001 : 22:35:46

the chkString function should take care of the Trim() in the password check

Reinsnitz (Mike)
><)))'>
"Therefore go and make disciples of all nations,..." Matthew 28:19a

Reinsnitz
Snitz Forums Admin

USA
3545 Posts

Posted - 17 February 2001 : 22:45:11

fixed in the source of sf2k_31sr5a6.zip

Reinsnitz (Mike)
><)))'>
"Therefore go and make disciples of all nations,..." Matthew 28:19a

Topic

Forum Locked

Topic Locked

Printer Friendly

Jump To:

Snitz Forums 2000

This page was generated in 0.12 seconds.