Project

General

Profile

Actions

Bug #87349

closed

Epic #92636: felogin bug collection

FELogin - password recovery / forgot link

Added by Benjamin Reinisch about 5 years ago. Updated 23 days ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
felogin
Target version:
-
Start date:
2019-01-07
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
9
PHP Version:
7.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

The password forgot link is not correctly generated, the url contains the following GET params:

http://test.domain/navigationen/login?tx_felogin_pi1%5Bforgothash%5D=1546897690%7C4e485fd92fe2beebebf2f3b244e94371&tx_felogin_pi1%5Buser%5D=123&cHash=6de0887c9d906f020ca766f7c8067c03

tx_felogin_pi1%5Bforgothash%5D: 1546897690|4e485fd92fe2beebebf2f3b244e94371
tx_felogin_pi1%5Buser%5D: 123
cHash: 6de0887c9d906f020ca766f7c8067c03

Therefore sysext/felogin/Classes/Controller/FrontendLoginController.php:181 is never reached:

177: // What to display
178:        $content = '';
179:        if ($this->piVars['forgot'] && $this->conf['showForgotPasswordLink']) {
180:            $content .= $this->showForgot();
181:        } elseif ($this->piVars['forgothash']) {
182:            $content .= $this->changePassword();
183:        } else {
184:            if ($this->userIsLoggedIn && !$this->logintype) {
185:                $content .= $this->showLogout();
186:            } else {
187:                $content .= $this->showLogin();
188:            }
189:        }

If I modify it, so the url gets correctly encoded, then the chash comparison fails.


Related issues 3 (0 open3 closed)

Related to TYPO3 Core - Bug #87664: fe_login password reset link is double encodedClosed2019-02-06

Actions
Related to TYPO3 Core - Bug #89960: Frontend login password reset link incorrect if feloginBaseURL is set and site configuration is usedClosed2019-12-16

Actions
Related to TYPO3 Core - Task #90729: Migrate Felogin mail to FluidEmailClosedTobi Kretschmann2020-03-10

Actions
Actions

Also available in: Atom PDF