FrontEndUsers v 1.6.4 - Change user settings - check for password length
Posted: Thu Apr 09, 2009 6:53 pm
I have realized that in FrontEndUsers 1.6.4 module there is no check for password length in Change user settings.
So, a frontend user can change his password to that consisting of one character.
My approach:
in file action.do_userchangesettings.php I added the following code:
after lines
Also I changed line in en_US.php
It informs Frontenduser more clearly.
Vilkis
So, a frontend user can change his password to that consisting of one character.
My approach:
in file action.do_userchangesettings.php I added the following code:
Code: Select all
//Vilkis BEGIN
elseif( !$this->IsValidPassword($password ) && $password != '')
{
$params['error'] = 1;
$minlen = $this->GetPreference('min_passwordlength', 6 );
$maxlen = $this->GetPreference('max_passwordlength', 20 );
$params['message'] = $this->Lang('error_invalidpassword',$minlen,$maxlen);
$this->Redirect($id, 'changesettings', $returnid, $params );
}
//Vilkis ENDafter lines
Code: Select all
if( $password != $repeat && $password != '')
{
$params['error'] = 1;
$params['message'] = $this->Lang('error_passwordmismatch');
$this->Redirect($id, 'changesettings', $returnid, $params );
}Also I changed line in en_US.php
Code: Select all
$lang['error_invalidpassword'] = 'Invalid the length of password: it should be between %s and %s symbols';Vilkis
