Hi Cam, sure is:
http://open.silverstripe.com/ticket/3004 looks like they've pushed back fixing it to the 2.4 release. To fix, I changed the checkPassword function in /sapphire/security/Member.php to: public function checkPassword($password) { // Only confirm that the password matches if the user isn't locked out if(!$this->isLockedOut()) { $encryption_details = Security::encrypt_password($password, $this->Salt, $this->PasswordEncryption); if ($this->PasswordEncryption == 'none') { return ($this->Password === $encryption_details['password']); } return (substr($this->Password, 0, 9) === substr($encryption_details['password'], 0, 9)); } } did the trick, Stu On Thu, Jul 30, 2009 at 8:57 PM, Cam Spiers <[email protected]> wrote: > Hi Stu, > > I have experienced this problem with SilverStripe also. > > Can you confirm it is in trac? > > Regards, > Cam > > On Thu, Jul 30, 2009 at 1:54 PM, Stu Meads <[email protected]> wrote: > >> Ah okay, I tried running those commands via cli on both servers, made no >> difference. SilverStripe has it in their issue-tracker, but I just checked >> their daily builds and it's not fixed, so it looks like I'll have to patch >> it myself. thanks for your help! >> >> >> > > > > --~--~---------~--~----~------------~-------~--~----~ NZ PHP Users Group: http://groups.google.com/group/nzphpug To post, send email to [email protected] To unsubscribe, send email to [email protected] -~----------~----~----~----~------~----~------~--~---
