Ensure all new users without passwords have salt set
Bug #799594 reported by
Richard Mansfield
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
Medium
|
Richard Mansfield |
Bug Description
When an admin creates a new user on the site, we always ensure that the user is created with random salt, and either has an empty password or their password encrypted with the salt, depending on the auth method.
To make sure this is true for new users created by other methods (registration, xmlrpc), we can move the function to encrypt the password into the create_user() function and avoid some duplication.
Changed in mahara: | |
status: | New → In Progress |
Changed in mahara: | |
status: | In Progress → Fix Committed |
Changed in mahara: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This is really good stuff and it deserves a higher priority ;)