Issue #873 has been updated by Pedro Vandeputte.

There is a bug in this feature ever since you introduced the password change by 
user code. If the config is set to 'User' instead of 'Manager' this bug 
surfaces.

In order to solve it I have added a new line to the 'change password' logic in 
resetbytoken.php between the original line 198 and 199 :  $who_change_password 
= 'manager';

That way it is only forced for that function and the token based reset works. 
Otherwise you try to rest by LDAP as the user without giving $oldpassword, 
which will give a constraint violation.

((additionally in the same file, I've decleared $oldpassword = ""; at the 
beginnen as you were getting cosmetic errors logged because your 
'checkpasswordstrength' logic tries to pass on that variable(line 194 in 
resetbytoken.php) which was undeclared)).


----------------------------------------
Bug #873: Can't reset password when using sendtoken
http://tools.lsc-project.org/issues/873

Author: Thomas Mayer
Status: Assigned
Priority: Normal
Assigned to: Clément OUDOT
Category: Self Service Password
Target version: self-service-password-?


I can reset my password when I use the action "change" of the website.
When I use "sendtoken" i get an ldap 19 error - constraint violation.
I tried the same password for both methods.


-- 
You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here: 
http://tools.lsc-project.org/my/account
_______________________________________________
ltb-dev mailing list
ltb-dev@lists.ltb-project.org
http://lists.ltb-project.org/listinfo/ltb-dev

Reply via email to