Closed codethirteen closed 11 years ago
Hey, I need some more information... what version of phpVMS, what browser, any mods, can you dupe on stock? What PHP version?
Do you have recaptcha enabled?
Well, I'm working on a completely customized registration form, so I was hesitant to report it at first. But then I decided to look on a couple of other websites using phpVMS and the same behavior can be replicated. If you register, but use less than 5 characters in the password, it won't throw an error as expected. It will throw an error for mismatched passwords though, so it's just the part I posted earlier that seems to not be working.
You can see it happen on http://www.unityvirtual.net/index.php/registration, http://www.virtualaca.net/index.php/registration, http://www.westcoasthops.com/index.php/registration, to name a few.
I have not yet had the chance to download and install a vanilla copy to test with. I will do that ASAP and get back to you.
You're entering a password that's less than 5 chars, for both the passwords? And it's the same?
Yes. If you type '7777' in password1 field, then '8888' in password2 field, you can see the error checking for mismatched passwords worked. Then if you simply put '7777' in both, it will go through.
I'm setting it up on MAMP, but have had a little trouble with strict standards and am about to leave for most of the evening. So I'll get back with you once I can confirm it on MAMP.
OK, managed to get it done just before leaving.
Vanilla install of the latest stable version using MAMP with PHP 5.2.4 (5.4.4 throws strict errors as I found in other issues here):
Form submits and returns to itself. It does not POST, so the error check is working, it just isn't showing up like the others do. So from a UX point-of-view, it is confusing but certainly not critical.
5.4 support is slated for the next release, but I just haven't had the time at all to even look at it. IIRC, the check for mismatch excludes the size restriction - yep, that's a bug.
The submit to self, also IIRC, is because Recaptcha isn't setup properly. I'll look into that as well, leaving this ticket open as a reminder. Hopefully, soon, I'll get to do some work on this. But, I'll accept any patches/pull requests ;)
Ok, so I found github's iPhone app while waiting at the airport--sweet!
I think chaining the validation together might work, using ifelse statements. I'll try it later tonight and I'll get back with you if it works as I'm not real familiar with how to work git.
Sounds good. It's probably best to update it using PHP's filter_* functions
Fixed, sending you a pull request shortly.
It seems the error check for password length using
strlen
fails.I have tried using
if(empty($this->post->password1))
and a couple of other ways, but am having no luck getting it to work.