Project

General

Profile

Actions
Copy link

Bug #22588

closed

fe_user passwords are visible in the info popup window in the backend

Added by Lars Houmark over 14 years ago. Updated over 14 years ago.

Status:
Closed
Priority:
Should have
Assignee:
Steffen Kamper
Category:
-
Target version:
-
Start date:
2010-05-04
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.4
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Using the info popup window, by clicking a Website user record icon, the password of the FE user is still visible.

Solution:

Attached patch will hide the password by changing it to a random number of asterisk (*).

This will happen in t3lib_befunc->getProcessedValue and the check is done generic, so that any field that has eval to password will have that replaced, thus this will work for user tables as well.
(issue imported from #M14307)

Files

14307.diff (647 Bytes) 14307.diff Administrator Admin, 2010-05-04 23:47

Related issues 3 (0 open3 closed)

Related to TYPO3 Core - Bug #14805: FE user passwords shown in page module and info popup of list moduleClosed2005-06-08

Actions
Related to TYPO3 Core - Bug #19616: Don't show fe_users password in page moduleClosedSteffen Kamper2008-11-15

Actions
Has duplicate TYPO3 Core - Bug #20295: fe_user passwords are visible in the backendClosedChris topher2009-04-09

Actions
Actions
Copy link
 #1

Updated by Steffen Kamper over 14 years ago

Committed to svn
4_3 rev 7535
trunk rev 7536

Actions
Copy link

Also available in: Atom PDF