Tony Posted August 23, 2008 Share Posted August 23, 2008 Currently a user cannot have their password as something like aaaa&bbbb. It stores in the database as aaaa&bbbb however it always fails to login. My best guess is it is sanitizing the password in someway maybe turning & into the html equivalent which when checked in the database will make the passwords not match. Solution needs to be either not allow & in the password (bad solution). Or to not be changing the password of the users input except for when it is to be displayed or used in a context other than $pass=$storedpass. Link to comment Share on other sites More sharing options...
othellotech Posted August 24, 2008 Share Posted August 24, 2008 And as a temporary fix you can add something like.. <p align=center> <div class="errorbox"><strong>Note:</strong> If your password has an ampersand (&) it will not work - please contact support to have it removed.</div> </p> to the login tpl -which is what we did Link to comment Share on other sites More sharing options...
Recommended Posts