[aur-dev] [PATCH] Show hint if password is empty during login
Lukas Fleischer
archlinux at cryptocrack.de
Sun Mar 24 21:36:54 EDT 2013
On Mon, Mar 25, 2013 at 02:19:21AM +0100, Lukas Fleischer wrote:
> A user might have an empty password due to two reasons:
>
> * The user just created an account and needs to set an initial password.
> * The password has been reset by the administrator.
>
> In both cases, the user might be confused as to why the login does not
> work. Add a message that helps users debug the issue in both cases.
>
> Signed-off-by: Lukas Fleischer <archlinux at cryptocrack.de>
> ---
> web/lib/acctfuncs.inc.php | 33 +++++++++++++++++++++++++++++++--
> 1 file changed, 31 insertions(+), 2 deletions(-)
>
> [...]
> +
> + $q = "SELECT * FROM Users WHERE ID = " . $dbh->quote($uid) . " ";
Also note that "SELECT *" should be converted into "SELECT COUNT(*)" for
performance reasons. There are lots of other places where we currently
use "SELECT *" to check the number of results -- I will take care of all
these in a separate patch after 2.2.0 is released.
> + $q .= "AND Passwd = " . $dbh->quote('');
> + $result = $dbh->query($q);
> +
> + if ($result->fetchColumn()) {
> + return true;
> + } else {
> + return false;
> + }
> +}
> +
> +/**
> * Determine if the PGP key fingerprint is valid (must be 40 hexadecimal digits)
> *
> * @param string $fingerprint PGP fingerprint to check if valid
> --
> 1.8.2.411.g65a544e
More information about the aur-dev
mailing list