View Issue Details

This bug affects 1 person(s).
 10
IDProjectCategoryView StatusLast Update
06886Bug reportsAuthenticationpublic2012-11-27 06:11
Reporterpmavro Assigned Toc_schmitz  
PriorityhighSeveritypartial_block 
Status closedResolutionfixed 
Product Version2.00+ 
Fixed in Version2.00+ 
Summary06886: Admin password reseted after language changed
Description

Hi,

I report an issue concerning an issue on the authentication mechanism. The user password is reseted when the language change from default.

Steps To Reproduce
  1. Login with admin account, the password you've set and the default language
  2. Logout
  3. Login with admin account but choose another language than Default
  4. Logout
  5. Now you can't login anymore for 2 reasons :
    5.1. The admin password have been reseted
    5.2. You've been blacklisted (failed_login_attempts table)
Additional Information

I've notice this issue on several 2.0 versions, even the latest

TagsNo tags attached.
Bug heat10
Complete LimeSurvey version number (& build)121115
I will donate to the project if issue is resolvedNo
BrowserFirefox
Database type & versionPostgreSQL 9.1
Server OS (if known)Debian 6 + Backports for PostgreSQL
Webserver software & version (if known)Aapche 2.2
PHP Version5.3.3

Relationships

related to 06896 closedmdekker cannot add users to a fresh LimeSurvey installation 

Users monitoring this issue

pmavro

Activities

pmavro

pmavro

2012-11-16 09:50

reporter   ~22233

I've logged all transactions on PostgreSQL and we can see that when you login with another language than Default, the password is updated :

2012-11-16 03:44:39 EST LOG: instruction : UPDATE "lime_users" SET "uid"=1, "users_name"='admin', "password"='Resource id #65', "full_name"='Administrator', "parent_id"=0, "lang"='fr', "email"='your-email@example.net', "create_survey"=1, "create_user"=1, "participant_panel"=1, "delete_user"=1, "superadmin"=1, "configurator"=1, "manage_template"=1, "manage_label"=1, "htmleditormode"='default', "templateeditormode"='default', "questionselectormode"='default', "one_time_pw"=NULL, "dateformat"=1 WHERE "lime_users"."uid"=1

I don't really know what 'Resource id #65'.

c_schmitz

c_schmitz

2012-11-16 10:21

administrator   ~22236

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10324

pmavro

pmavro

2012-11-16 10:32

reporter   ~22238

Tested. It works thanks

c_schmitz

c_schmitz

2012-11-16 10:40

administrator   ~22239

New version 2.00+ Build 121116 released

c_schmitz

c_schmitz

2012-11-16 11:40

administrator   ~22257

Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10329

Mazi

Mazi

2012-11-22 11:44

updater   ~22413

Re-opened because a user on the IRC reported this to show up at build 121121.

pmavro

pmavro

2012-11-22 11:46

reporter   ~22414

Hi !

The issue is back since this line has been added :
return parent::beforeSave();

Commit fbc4ed63ecad6ae2cc2485b66099e0e3fea9498d is the problem.

c_schmitz

c_schmitz

2012-11-22 15:12

administrator   ~22425

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10429

mdekker

mdekker

2012-11-23 11:14

reporter   ~22442

Just for reference:

The cause is a Yii issue

https://github.com/yiisoft/yii/issues/1181
Can read but not save binary data (e.g. BYTEA) in version 1.1.11

c_schmitz

c_schmitz

2012-11-23 17:19

administrator   ~22457

The linked Yii issue does not fix the problem. Will leave it in for now anyway.

c_schmitz

c_schmitz

2012-11-24 00:11

administrator   ~22470

Fix committed to 2.1 branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=10457

c_schmitz

c_schmitz

2012-11-27 06:11

administrator   ~22584

New 2.00+ build released.

Related Changesets

LimeSurvey: master ea97656c

2012-11-16 09:21:38

c_schmitz

Details Diff
Fixed issue 06886: Admin password re-set after language changed and using Postgres Affected Issues
06886
mod - application/models/User.php Diff File

LimeSurvey: 2.1 59e7a789

2012-11-16 09:21:38

c_schmitz

Details Diff
Fixed issue 06886: Admin password re-set after language changed and using Postgres Affected Issues
06886
mod - application/models/User.php Diff File

LimeSurvey: master eabff364

2012-11-22 14:11:57

c_schmitz

Details Diff
Fixed issue 06886: Admin password re-set after language changed and using Postgres Affected Issues
06886
mod - application/core/UserIdentity.php Diff File
mod - application/models/User.php Diff File

LimeSurvey: 2.1 abad9fa1

2012-11-22 14:11:57

c_schmitz

Details Diff
Fixed issue 06886: Admin password re-set after language changed and using Postgres Affected Issues
06886
mod - application/core/UserIdentity.php Diff File
mod - application/models/User.php Diff File

Issue History

Date Modified Username Field Change
2012-11-16 09:21 pmavro New Issue
2012-11-16 09:38 c_schmitz Assigned To => c_schmitz
2012-11-16 09:38 c_schmitz Status new => assigned
2012-11-16 09:50 pmavro Note Added: 22233
2012-11-16 10:21 c_schmitz Changeset attached => LimeSurvey master ea97656c
2012-11-16 10:21 c_schmitz Note Added: 22236
2012-11-16 10:21 c_schmitz Resolution open => fixed
2012-11-16 10:22 c_schmitz Status assigned => resolved
2012-11-16 10:22 c_schmitz Fixed in Version => 2.00+
2012-11-16 10:32 pmavro Note Added: 22238
2012-11-16 10:40 c_schmitz Note Added: 22239
2012-11-16 10:40 c_schmitz Status resolved => closed
2012-11-16 11:40 c_schmitz Changeset attached => LimeSurvey 2.1 59e7a789
2012-11-16 11:40 c_schmitz Note Added: 22257
2012-11-19 12:42 mdekker Relationship added related to 06896
2012-11-22 11:44 Mazi Note Added: 22413
2012-11-22 11:44 Mazi Status closed => feedback
2012-11-22 11:44 Mazi Resolution fixed => reopened
2012-11-22 11:44 Mazi Status feedback => assigned
2012-11-22 11:46 pmavro Note Added: 22414
2012-11-22 11:46 pmavro Status assigned => feedback
2012-11-22 11:46 pmavro Issue Monitored: pmavro
2012-11-22 14:33 c_schmitz Assigned To c_schmitz => mdekker
2012-11-22 14:33 c_schmitz Status feedback => assigned
2012-11-22 14:40 c_schmitz Assigned To mdekker => c_schmitz
2012-11-22 15:12 c_schmitz Changeset attached => LimeSurvey master eabff364
2012-11-22 15:12 c_schmitz Note Added: 22425
2012-11-22 15:12 c_schmitz Status assigned => resolved
2012-11-22 15:12 c_schmitz Resolution reopened => fixed
2012-11-23 11:14 mdekker Note Added: 22442
2012-11-23 15:03 c_schmitz Status resolved => assigned
2012-11-23 17:19 c_schmitz Note Added: 22457
2012-11-23 17:19 c_schmitz Status assigned => resolved
2012-11-24 00:11 c_schmitz Changeset attached => LimeSurvey 2.1 abad9fa1
2012-11-24 00:11 c_schmitz Note Added: 22470
2012-11-27 06:11 c_schmitz Note Added: 22584
2012-11-27 06:11 c_schmitz Status resolved => closed
2021-08-03 16:48 guest Bug heat 8 => 10