tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

BUGFIX Logging in with an invalid email returns no error message (fixes #5332, thanks ajshort)

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/branches/2.4@102072 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Ingo Schommer 2010-04-05 20:29:14 +00:00 committed by Sam Minnee
parent 97b40fbca6
commit 05b4a2313e
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
security/MemberAuthenticator.php
View File

@ -42,7 +42,12 @@ class MemberAuthenticator extends Authenticator {
"Member", "Member",
"\"" . Member::get_unique_identifier_field() . "\" = '$SQL_user' AND \"Password\" IS NOT NULL" "\"" . Member::get_unique_identifier_field() . "\" = '$SQL_user' AND \"Password\" IS NOT NULL"
); );
$result = ($member) ? $member->checkPassword($RAW_data['Password']) : false;
if($member) {
$result = $member->checkPassword($RAW_data['Password']);
} else {
$result = new ValidationResult(false, _t('Member.ERRORWRONGCRED'));
}
if($member && !$result->valid()) { if($member && !$result->valid()) {
$member->registerFailedLogin(); $member->registerFailedLogin();

3
tests/security/SecurityTest.php
View File

@ -247,6 +247,9 @@ class SecurityTest extends FunctionalTest {
$this->assertTrue(is_object($attempt)); $this->assertTrue(is_object($attempt));
$this->assertEquals($attempt->Status, 'Failure'); $this->assertEquals($attempt->Status, 'Failure');
$this->assertEquals($attempt->Email, 'wronguser@silverstripe.com'); $this->assertEquals($attempt->Email, 'wronguser@silverstripe.com');
$this->assertNotNull(
$this->loginErrorMessage(), 'An invalid email returns a message.'
);
} }
function testSuccessfulLoginAttempts() { function testSuccessfulLoginAttempts() {