diff options
| author | Angie Byron <webchick@24967.no-reply.drupal.org> | 2009-05-22 07:39:09 +0000 |
|---|---|---|
| committer | Angie Byron <webchick@24967.no-reply.drupal.org> | 2009-05-22 07:39:09 +0000 |
| commit | 45731a4e60bfeda4036398783351f49e4cdd07f1 (patch) | |
| tree | 769c941e98be6e6d659e5c59a201515de1a64d52 | |
| parent | 800f2d9aa461bf65c7e971de388d5367af1996bf (diff) | |
| download | brdo-45731a4e60bfeda4036398783351f49e4cdd07f1.tar.gz brdo-45731a4e60bfeda4036398783351f49e4cdd07f1.tar.bz2 | |
#398902 by kscheirer and alexanderpas: Type-check passwords.
| -rw-r--r-- | includes/form.inc | 2 | ||||
| -rw-r--r-- | modules/user/user.test | 10 |
2 files changed, 10 insertions, 2 deletions
diff --git a/includes/form.inc b/includes/form.inc index c5803b46e..83392a3f7 100644 --- a/includes/form.inc +++ b/includes/form.inc @@ -1651,7 +1651,7 @@ function password_confirm_validate($form, &$form_state) { $pass1 = trim($form['pass1']['#value']); if (!empty($pass1)) { $pass2 = trim($form['pass2']['#value']); - if ($pass1 != $pass2) { + if (strcmp($pass1, $pass2)) { form_error($form, t('The specified passwords do not match.')); } } diff --git a/modules/user/user.test b/modules/user/user.test index b9e0f5ba9..28c394025 100644 --- a/modules/user/user.test +++ b/modules/user/user.test @@ -5,7 +5,7 @@ class UserRegistrationTestCase extends DrupalWebTestCase { public static function getInfo() { return array( 'name' => t('User registration'), - 'description' => t('Registers a user, fails login, resets password, successfully logs in with the one time password, changes password, logs out, successfully logs in with the new password, visits profile page.'), + 'description' => t('Registers a user, fails login, resets password, successfully logs in with the one time password, fails password change, changes password, logs out, successfully logs in with the new password, visits profile page.'), 'group' => t('User') ); } @@ -64,6 +64,14 @@ class UserRegistrationTestCase extends DrupalWebTestCase { $this->drupalPost(NULL, NULL, t('Log in')); $this->assertText(t('You have just used your one-time login link. It is no longer necessary to use this link to login. Please change your password.'), t('This link is no longer valid.')); + // Check password type validation + $edit = array(); + $edit['pass[pass1]'] = '99999.0'; + $edit['pass[pass2]'] = '99999'; + $this->drupalPost(NULL, $edit, t('Save')); + $this->assertText(t('The specified passwords do not match.'), t('Type mismatched passwords display an error message.')); + $this->assertNoText(t('The changes have been saved.'), t('Save user password with mismatched type in password confirm.')); + // Change user password. $new_pass = user_password(); $edit = array(); |