In /controllers/AdminController.php line 110
There is code like this:
line 110: if ($old_password->password!=$model->password) {
I notice that $old_password->password is read from database which is encrypted.
However $model->password is input by admin, which is NOT encrypted.
So it is meaningless to compare these two passwords.
Original issue reported on code.google.com by linjians...@gmail.com on 29 Mar 2011 at 12:26
Original issue reported on code.google.com by
linjians...@gmail.com
on 29 Mar 2011 at 12:26