Actions
Bug #87403
closed
felogin: password forgotten form is not displayed after clicking link in email - double encoded forgothash
Start date:
2019-01-11
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
9
PHP Version:
7.2
Tags:
felogin bug double rawurlencoded
Complexity:
easy
Is Regression:
Yes
Sprint Focus:
Description
Hello,
i use the felogin extension for the first time in a TYPO3 v9 installation. When testing the "password forgotten" function I found a bug:
After clicking on link in "password forgotten" e-mail, the login form will be displayed instead of the password change form.
It seems to be that the link with the forgothash is double encoded. The following changes in the core sysext felogin has solved the problem for me:
File path:
typo3/sysext/felogin/Classes/Controller/FrontendLoginController.php
Line 466-467, old code:
rawurlencode($this->prefixId . '[user]') => $user['uid'],
rawurlencode($this->prefixId . '[forgothash]') => $randHash
Corrected code:
$this->prefixId . '[user]' => $user['uid'],
$this->prefixId . '[forgothash]' => $randHash
Without rawurlencode() the link works as desired. I would be happy if you would check and correct this.
Updated by Georg Ringer over 5 years ago
- Status changed from New to Closed
- Is Regression set to Yes
Updated by Georg Ringer over 5 years ago
- Related to Task #83334: GeneralUtility::implodeArrayForUrl should always encode param-names added
Updated by Georg Ringer over 5 years ago
- Is duplicate of Bug #87153: Reset password in the `felogin` not working added
Actions