umbracomembershipprovider getpassword bug

Press Ctrl / CMD + C to copy this to your clipboard.

Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

Mark Olbert 87 posts 117 karma points

Oct 21, 2009 @ 17:37

0

UmbracoMembershipProvider: GetPassword() Bug

I believe GetPassword() should, if possible, return the unencrypted password. However, as currently written it returns whatever's in the Member system, which can be encrypted.

This could be fixed by changing the lines:

            if (m == null)
            {
                throw new MembershipPasswordException("The supplied user is not found");
            }
            else
            {
                return m.Password;
            }

to:

            if (m == null)
            {
                throw new MembershipPasswordException("The supplied user is not found");
            }
            else
            {
                return UnEncodePassword(m.Password);
            }

UnEncodePassword is an existing helper method in the provider.

I would be happy to submit a patch. However, I've never done that before. Are there instructions on how to do that?

- Mark

Copy Link
Dirk De Grave 4541 posts 6021 karma points MVP 3x admin c-trib

Oct 21, 2009 @ 18:15

1

Mark,

You should register on Codeplex, download latest source (install turtoise/subversion) and create a patch from within vs.net. Patch can be uploaded on Codeplex. Make sure to make lots of noise so core people get to review and approve quickly

Thanks for the efforts in finding/patching/coding/...

Cheers,

/Dirk

Copy Link
is working on a reply...

This forum is in read-only mode while we transition to the new forum.

You can continue this topic on the new forum by tapping the "Continue discussion" link below.

Please Sign in or register to post replies