Issue #873 has been updated by Clément OUDOT.

Target version changed from self-service-password-? to self-service-password-1.0

Boldly Going Nowhere wrote:
> There is a bug in this feature ever since you introduced the password change 
> by user code. If the config is set to 'User' instead of 'Manager' this bug 
> surfaces.
> In order to solve it I have added a new line to the 'change password' logic 
> in resetbytoken.php between the original line 198 and 199 :  
> $who_change_password = 'manager';
> That way it is only forced for that function and the token based reset works. 
> Otherwise you try to rest by LDAP as the user without giving $oldpassword, 
> which will give a constraint violation.

Well, $who_change_password should be empty in resetbytoken.php, so I don't 
understand why in your case it has the value "user". But you are right, we 
should maybe force its value, or maybe better, remove it form change_password 

> ((additionally in the same file, I've decleared $oldpassword = ""; at the 
> beginnen as you were getting cosmetic errors logged because your 
> 'checkpasswordstrength' logic tries to pass on that variable(line 194 in 
> resetbytoken.php) which was undeclared)).

Indeed, it will be cleaner to unset it and manage this cas in check password 
Bug #873: Can't reset password when using sendtoken

Author: Thomas Mayer
Status: Assigned
Priority: Normal
Assigned to: Clément OUDOT
Category: Self Service Password
Target version: self-service-password-1.0

I can reset my password when I use the action "change" of the website.
When I use "sendtoken" i get an ldap 19 error - constraint violation.
I tried the same password for both methods.

You have received this notification because you have either subscribed to it, 
or are involved in it.
To change your notification preferences, please click here:
ltb-dev mailing list

Reply via email to