vrr/ntopng
2
0
Fork 0
mirror of https://github.com/ntop/ntopng.git synced 2026-05-01 00:19:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fix login issue with special characters.

Browse source 
The special characters were URL encoded during HTTP request and saved in URL encoded form.
The login used the unencoded password instead, and this resulted in a password hash mismatch which prevented user login.

Now the password hash is calculated on the unencoded password.
This commit is contained in:
emanuele-f 2017-04-14 18:20:36 +02:00
parent 12e6db4efb
commit a10d6c4f7d
8 changed files with 17 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
scripts/lua/admin/password_reset.lua
View file

@ -31,7 +31,7 @@ if(new_password ~= confirm_new_password) then
return
end
if(ntop.resetUserPassword(_SESSION["user"], username, old_password, new_password)) then
if(ntop.resetUserPassword(_SESSION["user"], username, unescapeHTML(old_password), unescapeHTML(new_password))) then
print ("{ \"result\" : 0, \"message\" : \"Password changed successfully\" }")
else
print ("{ \"result\" : -1, \"message\" : \"Unable to set the new user password: perhaps the old password was invalid ?\" }")