Mercurial Mercurial > repos > enano-1.1 / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixed undefined $score_min in password change. Potential security concern?
authorDan
Thu, 17 Dec 2009 04:29:55 -0500
changeset 1169 d5474f54a525
parent 1168 277a9cdead3e
child 1170 71cb87b7dc3f
Fixed undefined $score_min in password change. Potential security concern?
plugins/SpecialUserPrefs.php file | annotate | diff | comparison | revisions 
--- a/plugins/SpecialUserPrefs.php	Thu Dec 17 04:27:50 2009 -0500
+++ b/plugins/SpecialUserPrefs.php	Thu Dec 17 04:29:55 2009 -0500
@@ -250,6 +250,7 @@
             if ( getConfig('pw_strength_enable') == '1' )
             {
               $score_inp = password_score($newpass);
+              $score_min = getConfig('pw_strength_minimum', -10);
               if ( $score_inp < $score_min )
                 $errors .= '<div class="error-box" style="margin: 0 0 10px 0;">' . $lang->get('usercp_emailpassword_err_password_too_weak', array('score' => $score_inp)) . '</div>';
             }
Enano CMS (1.1.x)