mahara-contributors team mailing list archive

Thread
Date

[Bug 799594] Re: Ensure all new users without passwords have salt set

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: François Marier <francois@xxxxxxxxxx>
Date: Wed, 22 Jun 2011 23:46:02 -0000
Reply-to: Bug 799594 <799594@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: mahara
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
https://bugs.launchpad.net/bugs/799594

Title:
  Ensure all new users without passwords have salt set

Status in Mahara ePortfolio:
  Fix Committed

Bug description:
  When an admin creates a new user on the site, we always ensure that
  the user is created with random salt, and either has an empty password
  or their password encrypted with the salt, depending on the auth
  method.

  To make sure this is true for new users created by other methods
  (registration, xmlrpc), we can move the function to encrypt the
  password into the create_user() function and avoid some duplication.

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/799594/+subscriptions

References

[Bug 799594] [NEW] Ensure all new users without passwords have salt set
From: Richard Mansfield, 2011-06-20