Closed aguatacuperche closed 5 years ago
Adding $CFG->disablelogintoken = true;
into config file the problem was solved.
Hi,
thank you for reporting this issue. The news that a Moodle Security Patch might break the login in Boost child themes was spread during the last hours. Unfortunately, Boost Campus is affected.
Adding $CFG->disablelogintoken = true;
to config.php does re-enable the login but does also disable the security fix.
We will provide an updated version of Boost Campus as soon as possible.
Hi, here is official information of Moodle Login token
Is there an ETA for the fix?
Hi @aguatacuperche, thank you very much for raising this issue. Now it's fixed for the Moodle 3.5 version of the plugin (https://github.com/moodleuulm/moodle-theme_boost_campus/commit/561096fdb4f466aa8e547005fe1a5c29a37ed017) and the new version is also available in the Moodle plugin repository. We're working on providing this fix (but only in the plugins repo) for the versions 3.4. and 3.3., too. But this is only due to the severeness of the bug. Best, Kathrin
I just upgraded to 3.8 from 3.5.2 and I have the same issue. I used the code $CFG->disablelogintoken = true; into config file to solve it.
I use the correct username and password and it says "Invalid login, please try again". If I reset the password, I can log in but as soon as I log out the same issue happens.
@impressionestudio , the patch in Moodle core which broke the login form was integrated into Moodle core in MDL-63183 for Moodle 3.5.3 - just after your 3.5.2 version.
We fixed the regression of the broken login in v3.5-r3 of this theme.
If you are not using the latest version of this theme (which is v3.7-r3 as the 3.8 version is still pending), please upgrade the theme first. If you are using the latest version of this theme and encounter login problem, please create a new issue as this issue here is closed since nov 2018.
Thanks, Alex
Hi The last Moodle Upgrade (3.5.2 and 3.6 beta) (Build: 20181110) access does not allow user authentication: "Invalid login, please try again" on Manual accounts method. Probably for "MDL-63183 auth: Login protection" changes. Link Regards