Bug #70118
closed
Backend Login not successful with correct password
100%
Description
Hello Core-Team,
When I edit some of my be_user properties in list-module, there are some ** in the password field. I think they are a problem, because after saving my be_user record I have a new unworking Hash value in my record.
Stefan Frömken
Updated by Stefan Froemken over 8 years ago
Muhahaha. After saving my record I can login with 8 * as password
:-)
Updated by
Updated by Gerrit Code Review over 8 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43572
Updated by Nicole Cordes over 8 years ago
- Status changed from Under Review to Needs Feedback
Hi Stefan,
can you please give some more information about your set up? I can't verify that wrong data gets submitted. It seems your JavaScript is broken and not executed before the form gets submitted. Can you see any output in your browser console? And which browser are you using?
Thanks for your feedback.
Updated by Stefan Froemken over 8 years ago
Hello Nicole,
I have two TYPO3 instances. One with many activated extensions and one without any foreign extension.
I have the problem in Google Chrome and in FireFox.
I don't have OpenId Extension activated.
I don't have any JavaScript Errors either in FF and Chrome.
Xdebug told me that 8 stars are in request POST.
BUT: Following seems to happen in slooooow motion:
- I click on save icon
- after ~0.5 seconds the stars in password field hides. So I see an empty password field
- The other form fields are still filled
- Some milliseconds further the page reloads
- I see the edit form again
Maybe the JavaScript to clear the field was called to late. But that is only an idea.
Tell me where I can find the script to clear this field and I will try to debug it.
Stefan
Updated by Stefan Froemken over 8 years ago
I'm working with current master 7.5-dev
Stefans-MBP:typo3_src stefan$ git log -3
commit e325d476176c2f3f0307faccb35efec361bcb494
Updated by Anja Leichsenring over 8 years ago
- Status changed from Needs Feedback to Accepted
verified, the problem exists and can be reproduced by editing any be_users record, while not touching the password field. Changing any other field and saving the data leads to a changed PW containing only asteriks.
Updated by Jan Helke over 8 years ago
Jepp. I can confirm this issue. List view -> show Table -> show password column -> click on the pencil -> change on password -> save
All other passwords are now ** (eight asterisks)
Updated by Anja Leichsenring over 8 years ago
the same is by the way true for Frontend User Records, and so it will be for every password field around, that has renderType 'rsaInput' defined.
Updated by Gerrit Code Review over 8 years ago
- Status changed from Accepted to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43581
Updated by Gerrit Code Review over 8 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at http://review.typo3.org/43581
Updated by Nicole Cordes over 8 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset d7da9074b2f9be278591281bb6edf398009e2f66.
Updated by Riccardo De Contardi over 6 years ago
- Status changed from Resolved to Closed