1. Forums
  3. Community Discussions
  5. Community Builder
  7. Potential Bug
  9. [#2338] Login fails because quoted credentials

[#2338] Login fails because quoted credentials

13 years 2 months ago - 13 years 1 month ago #154758 by A.Ninja
[#2338] Login fails because quoted credentials was created by A.Ninja
If the credentials contains characters like a single quote ('), double quote (") or backslash (\) then they were quoted. I don't know why they are quoted (maybe a default behavior of Joomla), but to avoid login problems we have to unquote them. Here is my solution:

I edited comprofiler.php at line 1206+1207 and changed it to:
$username = trim( stripslashes( cbGetParam( $_POST, 'username', '' ) ) );
$passwd2  = trim( stripslashes( cbGetParam( $_POST, 'passwd', '', _CB_ALLOWRAW ) ) );

Now i can login without problems.

Maybe this would help someone! ^^

Please Log in to join the conversation.

13 years 2 months ago #154762 by beat
Replied by beat on topic Re: Login fails because quoted credentials
Thanks for sharing the fix.
Which exact Joomla version was this problem this with ?

I recall that we needed the escapings to avoid a vulnerability in an older version of Joomla.
Before applying that fix we will need review the use of those variable in each Joomla version.

Added to bugtracker as #2338
Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info

Please Log in to join the conversation.

13 years 2 months ago #154764 by A.Ninja
Replied by A.Ninja on topic Re: Login fails because quoted credentials
Joomla 1.6.0
CB 1.4

Please Log in to join the conversation.

Moderators: beatnantkrileon
  1. Forums
  3. Community Discussions
  5. Community Builder
  7. Potential Bug
  9. [#2338] Login fails because quoted credentials
Time to create page: 0.203 seconds

Facebook Twitter LinkedIn

    You are here:  
  1. Home
  2. Forums
  3. Community Discussions
  4. Community Builder
  5. Potential Bug
  6. [#2338] Login fails because quoted credentials

Search

Login / Logout

User Menu