Passwords?

The log-in system does not deal with non alpha-numeric characters. I am currently unable to log into my normal account after adding a ' and > to my password.

Shouldn't passwords be tested for invalid characters when they are entered?

[ External image - login to view ]

[ External image - login to view ]

(no breaks given ? )

This has to-do with the password coming out of the database is non escaped and the password you entered is escaped.

Something like:

[php]
$strDb = "haha'haha";
$strUser = "haha\'haha";

if ($strDb == $strUser) {
echo "login succes";
} else {
echo "login incorrect, what happens in this case.";
}
[/php]

I have fixed this in next patch.

rofl @ dizzy **

[ External image - login to view ]

@Donavan, Yeah I thought about posting that one myself.

Now that I have a few people's attention, anyone want to change the password on Aisorbma and send the new password to the associated email? A big thank you to anyone feeling so kind.

Glad to know it won't be an issue in the future. And for a little more amusement: I clicked on the lost password link hoping it would reset the password but it just sent the email with the password, the ' sitting in the middle was like a , , and all together.

Quote:

Originally posted by Aimode

I clicked on the lost password link hoping it would reset the password but it just sent the email with the password, the ' sitting in the middle was like a

I lol'd pretty hard at that.

Quote:

Originally posted by Aimode

@Donavan, Yeah I thought about posting that one myself.

.... so, that reply totally made me lower my sunglasses and do this with my eyebrows

[ External image - login to view ]

Computerese...........does a Diz-X good.