Securelogin prevents creation of users and destroys user-data field in database and saves password in clear

Florian Streibelt - August 25, 2009 - 14:44

Project:	Secure Login
Version:	6.x-1.x-dev
Component:	Code
Category:	bug report
Priority:	critical
Assigned:	Unassigned
Status:	active

Jump to:

Most recent comment

When creating a new user as admin and having the plugin enabled to only allow https, I get an Drupal error that the user's data is invalid/the user cannot instanciated and can not login. Can't redproduce the message right now.

When looking at the mysql table I see the users password in cleartext in the 'data' field together with other data. I have to delete the field contents using plain SQL so that the user can log in again. I am using drupal 6.13. and hat to replace the module by an apache redirect :|

» Login or register to post comments

#1

Florian Streibelt - August 25, 2009 - 14:44

Title:

Securelogin prevents creation of users and destoys user-data field in database and saves password in clear

» Securelogin prevents creation of users and destroys user-data field in database and saves password in clear

Login or register to post comments

Drupal is a registered trademark of Dries Buytaert.