< in Passwords - Printable Version

+- UserSpice (https://userspice.com/forums)
+-- Forum: Support Center (https://userspice.com/forums/forumdisplay.php?fid=23)
+--- Forum: UserSpice 4.3 and Below (https://userspice.com/forums/forumdisplay.php?fid=26)
+--- Thread: < in Passwords (/showthread.php?tid=625)
< in Passwords - Brandin - 07-03-2017

Hello! I have found out that
Code:
    <
Code:
    >
Thank you!

< in Passwords - karsen - 07-09-2017

Hey Brandin, I think I have the answer (I've been unable to post for several days, sorry for a late reply!).

The password that is sent to the validation script in login.php has been sanitized by Input::get(), which in turn calls Input::sanitize(). This is the offending line in login.php:
Code:
    $login = $user->loginEmail(Input::get('username'), trim(Input::get('password')), $remember);

To get around this with minimal code changes, you could modify the Input class call to this:
Code:
    public static function get($item, $bypassSanitize = false) {

and later in the function, when sanitizing the get/post arrays or single items, run an if ($bypassSanitize === true) before the sanitizing code. Then, in login.php you'd simply change the line to this:
Code:
    $login = $user->loginEmail(Input::get('username'), trim(Input::get('password', true)), $remember);

< in Passwords - Brandin - 07-12-2017

Thank you @Karsen, I will play with this and let you know the result!

< in Passwords - mudmin - 07-12-2017

Yep. I totally forgot about that.

< in Passwords - Brandin - 07-13-2017

@Karsen / @Mudmin Where should I be running the
Code:
    if ($bypassSanitize === true)
Thank you!

< in Passwords - karsen - 07-15-2017

Sorry, I knew I should have pasted all the code! I also saw a flaw in the logic I gave you. I've modified my own class, though, so I've gone back to the original US version; it'll be untested but should hopefully work without errors:
Code:
    public static function get($item, $bypassSanitize = false){
        if (isset($_POST[$item])) {
            /*
            If the $_POST item is an array, process each item independently, and return array of sanitized items.
            */
            if (is_array($_POST[$item])){
                $postItems=array();
                foreach ($_POST[$item] as $postItem){
                    if (!$bypassSanitize) $postItem = self::sanitize($postItem);
                    $postItems[] = $postItem;
                }
                return $postItems;
            }else{
                if (!$bypassSanitize) $postItem = self::sanitize($_POST[$item]);
                return $postItem;
            }
        } elseif(isset($_GET[$item])){
            /*
            If the $_GET item is an array, process each item independently, and return array of sanitized items.
            */
            if (is_array($_GET[$item])){
                $getItems=array();
                foreach ($_GET[$item] as $getItem){
                    if (!$bypassSanitize) $getItem = self::sanitize($getItem);
                    $getItems[] = $getItem;
                }
                return $getItems;
            }else{
                if (!$bypassSanitize) $getItem = self::sanitize($_GET[$item]);
                return $getItem;
            }
        }
        return '';
    }

< in Passwords - Brandin - 07-16-2017

Hey guys,

So I went ahead and got into the process of deploying this and I left out one big thing: I noticed this on join.php - not login.php. Although I am sure this will work with login.php - I can't even get my users registered if they want to put a < in their password because it fails on the registration form. Where do I modify the code on this? I'm not finding any trim sadly. It's saying the two passwords are not matching - so I am really not sure where the offense is coming from.

Thank you!

< in Passwords - karsen - 07-16-2017

Ah, I see in your original post that you said registration, not login! Apologies for that, I lost you some time.

The reason the passwords don't match is because in the "matches" validation rule, the ingoing value ($_POST['confirm']) is sanitized while the value it matches ($_POST['password']) is not.

Change this line in 'classes/Validation.php' (at or around line 54):
Code:
    case 'matches':
        if ($value != $source[$rule_value]) {
to:
Code:
    case 'matches':
        if ($value != sanitize($source[$rule_value])) {

Also, don't forget to bypass sanitizing of the password you send to the User->create() method on join.php line 182, using the modification we made to the Input class before:
Code:
    password_hash(Input::get('password'), PASSWORD_BCRYPT, array('cost' => 12)),
to:
Code:
    password_hash(Input::get('password', true), PASSWORD_BCRYPT, array('cost' => 12)),

Let me know if this works, I can't test it myself right now unfortunately.

< in Passwords - Brandin - 07-18-2017

YOU ARE AH-MAZING. This is perfect! Plug and play!

For your reference @mudmin, ~line 77 is the change on login.php.

I cannot thank you enough Karsen!

< in Passwords - Brandin - 07-18-2017

Well - almost there lol! I broke all my other logins now lmao:

Notice: Undefined variable: postItem in /home/aircentralized/public_html/mydash/users/classes/Input.php on line 50

Looks like it's an issue with this line:
Code:
    if (!$bypassSanitize) $postItem = self::sanitize($_POST[$item]);
    return $postItem;

In the first if in the Input class. Thoughts?
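The failure mode the thread works through, as an added example that is not UserSpice's own code: an HTML-sanitized password is hashed as a different string than the one the user typed, so it never verifies, and a get() with the bypass flag that assigns on every path so the undefined-variable notice above cannot occur. The sanitize() below is a stand-in assumption for the project's Input::sanitize(), and the request data is constructed.

```php
<?php
// Added example, not UserSpice's own code. sanitize() is a stand-in assumption
// for the project's Input::sanitize(); the request data below is constructed.

function sanitize(string $s): string
{
    return htmlentities($s, ENT_QUOTES, 'UTF-8');
}

class Input
{
    // $bypassSanitize = true returns the raw value. Use it only for values that
    // are hashed or compared and never echoed into a page, such as passwords.
    public static function get(string $item, bool $bypassSanitize = false)
    {
        $value = $_POST[$item] ?? $_GET[$item] ?? null;
        if ($value === null) {
            return '';
        }
        if (is_array($value)) {
            return array_map(
                fn($v) => $bypassSanitize ? $v : sanitize($v),
                $value
            );
        }
        // Assigned on both paths, so the variable is always defined.
        return $bypassSanitize ? $value : sanitize($value);
    }
}

// Constructed registration request with '<' and '>' in the password.
$_POST = ['password' => 'p<ss>word', 'confirm' => 'p<ss>word'];

// Original join.php: the sanitized string 'p&lt;ss&gt;word' gets hashed.
$hashSanitized = password_hash(Input::get('password'), PASSWORD_BCRYPT, ['cost' => 12]);
// With the bypass: the password as typed gets hashed.
$hashRaw = password_hash(Input::get('password', true), PASSWORD_BCRYPT, ['cost' => 12]);

// At login the user types the original password; only the raw hash verifies.
$typed = 'p<ss>word';
printf("sanitized hash verifies: %s\n", var_export(password_verify($typed, $hashSanitized), true));
printf("raw hash verifies:       %s\n", var_export(password_verify($typed, $hashRaw), true));

// The 'matches' rule failed because it compared a sanitized confirm value with
// the raw password. Comparing both raw values (constant-time) avoids the
// mismatch without sanitizing a secret at all.
printf("passwords match: %s\n", var_export(
    hash_equals(Input::get('password', true), Input::get('confirm', true)), true));
```

Sanitizing belongs at output time (when a value is echoed into HTML), not on a secret that is only ever hashed or compared.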