Opened 11 years ago
Closed 11 years ago
#709 closed defect (fixed)
Changing license setting may set password to empty
Reported by: | sazius | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | 0.4.0 |
Component: | programming | Keywords: | |
Cc: | Parent Tickets: |
Description
I encountered this because I've set my web browser (Iceweasel/Firefox 21) to store my MediaGoblin password and automatically fill it in when it deems appropriate.
Steps to reproduce
- Go to "Change account settings".
- Web browser automatically fills in "Old password" field, but leaves "New password" field empty (user that only wishes to change license setting will not notice this as it happens automatically).
- Change license setting if you want (this seems to be optional).
- Press "Save changes."
- Log out and try to log in again: your old password doesn't work, the new password is the empty string. (Can be confirmed e.g. by trying to login with the piwigo plugin which allows empty password to be entered.)
The change account settings dialog should either warn of empty password, or simply assume the user does not wish to touch the password if it is left empty. (As was my case.)
Change History (5)
comment:1 by , 11 years ago
Owner: | set to |
---|---|
Status: | new → in_progress |
comment:2 by , 11 years ago
Owner: | removed |
---|---|
Status: | in_progress → review |
comment:3 by , 11 years ago
Owner: | set to |
---|---|
Status: | review → in_progress |
That looks good!
Some things:
- Please don't use tabs for indenting, even templates.
- Translating half parts does not really work good for all languages. "Change your" + "password". Think of a language that goes like "change password of yours". Either make the whole sentence into a link (my vote!) or put the whole linking in the translation (look for examples around).
- You might want to move the
request.staticdirect('/js/show_password.js')
thing from theedit_acccount.html
to your newchange_pass.html
so that people can enable password viewing while typing it. You also need theid="password"
on the form field for that to work.
comment:4 by , 11 years ago
Owner: | removed |
---|---|
Status: | in_progress → review |
comment:5 by , 11 years ago
Resolution: | → fixed |
---|---|
Status: | review → closed |
Merged: d5e035e9193cb9c9faff0e8601e2908bf5285f9c
Yeah, thanks!
This branch fixes this and moves the change password stuff to a separate view.
https://github.com/rodney757/mediagoblin/commits/change_pass
I'm also adding support to change email, so the change account settings view will look similar to how it does before this patch. See #705