On Wed, 25 Jul 2007 18:39:03 -0500, James Bennett wrote:
> On 7/25/07, Patrick Anderson <[EMAIL PROTECTED]> wrote:
>> Anyway, why not reset password for a logged-in user only? Maybe I've
>> look at the code too briefly, and there might be a reason for iterating
>> through users_cache, but that ap
On 7/25/07, Patrick Anderson <[EMAIL PROTECTED]> wrote:
> Anyway, why not reset password for a logged-in user only? Maybe I've look
> at the code too briefly, and there might be a reason for iterating
> through users_cache, but that approach sounds safer to me.
Since the form accepts an email add
On Wed, 25 Jul 2007 22:47:05 +, Patrick Anderson wrote:
> Today when trying to add 'reset password' feature into my project, I
> noticed that the PasswordResetForm() 'save' method resets passwords for
> all cached users.
>
> I have been testing the site with various users logged in, and when
Today when trying to add 'reset password' feature into my project, I
noticed that the PasswordResetForm() 'save' method resets passwords for
all cached users.
I have been testing the site with various users logged in, and when I
tried to reset my password from within my public site, I received
4 matches
Mail list logo
