Package: python-moinmoin
Version: 1.5.3-1.2etch1
Severity: normal
A user has reported a problem with the Lost Password procedure in
DebianWiki. http://lists.debian.org/debian-www/2008/03/msg00136.html
When a user wants to recover his lost password, (s)he goes to
http://wiki.debian.org/UserPreferences and asks for it's password by
email.
The email send looks like :
Somebody has requested to submit your account data to this email
address.
If you lost your password, please use the data below and just enter
the
password AS SHOWN into the wiki's password form field (use copy and
paste
for that).
After successfully logging in, it is of course a good idea to set a
new and known password.
Login Name: FranklinPiat
Login Password: {SHA}000=
Login URL: http://wiki.debian.org/UserPreferences
The URL should actually read (depending on i18n) :
http://wiki.debian.org/UserPreferences?action=login
The problem could be reproduced on French and English versions.
Debian/Testing system isn't affected (moinmoin 1.5.8).
I've tried to locate the problem on my system (1.5.8) . It seems to lie
in /usr/share/python-support/python-moinmoin/MoinMoin/user.py :
python-moinmoin 1.5.3-1.2etch1
text = '\n' + _(\
Login Name: %s
Login Password: %s
Login URL: %s/%s
, formatted=False) % (
self.name, self.enc_password,
self._request.getBaseURL(), getSysPage(self._request,
'UserPreferences').page_name)
python-moinmoin 1.5.8
text = '\n' + _(\
Login Name: %s
Login Password: %s
Login URL: %s/%s?action=login
, formatted=False) % (
self.name, self.enc_password,
self._request.getBaseURL(), getSysPage(self._request,
'UserPreferences').page_name)
I guess the i18n pages should be updated too.
Franklin
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]