Autocomplete on Username Field in User Edit Form

modxcms / revolution

MODX Revolution - Content Management Framework

https://modx.com/

GNU General Public License v2.0

1.36k stars 529 forks source link

Autocomplete on Username Field in User Edit Form #14699

Closed freelancewebdev closed 4 years ago

freelancewebdev commented 5 years ago

Bug report

Summary

Autocomplete in the username field in the user edit form can lead to accidental saving of an incorrect username from that originally stored when the user hasn't been assigned a password - for example when imported without one.

Step to reproduce

Create a user via the API without a password on a domain you have an autocomplete username for.

Observed behavior

For users with no password, on Chrome the username is filled in with the first entry from my autocomplete list replacing the original username.

Expected behavior

It should retain the user's actual username.

Environment

MODX version 2.7.1-pl, apache 2.4, mysql 5.5, Chrome (tested on Linux, Mac & Windows.

I'm unclear as to the benefit of having autocomplete on any of the fields in the manager. I see #6703 for the removal of autocomplete for the title field of resources too but this issue could be a real nuisance for unwary site admins.

rthrash commented 4 years ago

This can be a big problem for site owners because you could go to unblock a user, and unless you're paying careful attention, your username can overwrite the username of the person you're trying to unblock.

JoshuaLuckers commented 4 years ago

Thanks for taking time to report this issue. Changes fixing this issue have been merged and will be included in MODX 2.7.3 and 3.x.

freelancewebdev commented 4 years ago

Thanks Joshua!

Kind regards,

Joe Molloy

F R E E L A N C E W E B D E V E L O P E R

C O N T A C T D E T A I L S

Mobile: +353 86 6087493

C o n n e c t i o n s

Twitter: twitter.com/FreelanceWebDev Skype: FreelanceWebDev

On Wed, 27 Nov 2019 at 12:13, Joshua Lückers notifications@github.com wrote:

Thanks for taking time to report this issue. Changes fixing this issue have been merged and will be included in MODX 2.7.3 and 3.x.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/modxcms/revolution/issues/14699?email_source=notifications&email_token=AADVGXSQINF3PEHAD37C2P3QVZQADA5CNFSM4IPHUO3KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEFJJ5AA#issuecomment-559062656, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADVGXSYPEMR6KND52EIGL3QVZQADANCNFSM4IPHUO3A .