Comments (6)
panique
commented on July 20, 2024
I just checked this, and 1.) passwords are checked for being exactly the same in line 61, classes/Registration.php && ($_POST['user_password_new'] == $_POST['user_password_repeat']) and 2.) 0 and 00 are not even possible due to the empty()-checks some lines above. Please see the docs for php's empty function here: php.net/manual/en/function.empty.php
As this is false alarm, I will close this ticket.
from huge.
panique
commented on July 20, 2024
btw the unnecessary password_repeat property will be removed in the next days!
from huge.
minitech
commented on July 20, 2024
$_POST['user_password_new'] == $_POST['user_password_repeat'] isn’t “exactly equal” in PHP. I wasn’t aware that empty is that horrible in PHP as well, but there you go :)
from huge.
panique
commented on July 20, 2024
I just had some research, and i must say that you are totally right with the ==. 0 and 00 would not be real case (as 0 is filtered out by empty()), but 0001 and 1 would be true. Interesting case! Never seen that in any of the login script i've worked through.
EDIT: Ah, I just saw your link that says exactly the same ;)
from huge.
panique
commented on July 20, 2024
This is an extremely weird egde case, but i agree, it's cleaner to do it like this. It's fixed and pushed.
from huge.
panique
commented on July 20, 2024
Btw BIG THANKS for your excellent support! This has improved some elements in the script quite much.
from huge.
Related Issues (20)
- Installation HOT 1
- [QUESTION] PostgreSQL HOT 4
- MySQL connection error HOT 3
- [NOTE] bootstrap.sh HOT 1
- ❤ ! HOT 1
- Changes for Postgres
- Calling model on view?
- Session validation improvement
- Q
- Configuration files
- Configuration files HOT 5
- New user registration issue
- A question about data sent to the view from the controllers HOT 1
- in the encryption.php file HOT 1
- Pagination Class
- Agregar AJAX al proyecto
- Trying to get in touch regarding a security issue HOT 4
- ErrorController redeclaration HOT 2
- PHP code analizing does not work. HOT 3
- Connection problems with MySql (MariaDb)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from huge.