Download & Extend
Secure Login » Issues

Securelogin prevents creation of users and destroys user-data field in database and saves password in clear

Posted by Florian Streibelt on August 25, 2009 at 2:44pm
Project:Secure Login
Version:6.x-1.x-dev
Component:Code
Category:bug report
Priority:critical
Assigned:Unassigned
Status:closed (cannot reproduce)

Issue Summary

When creating a new user as admin and having the plugin enabled to only allow https, I get an Drupal error that the user's data is invalid/the user cannot instanciated and can not login. Can't redproduce the message right now.

When looking at the mysql table I see the users password in cleartext in the 'data' field together with other data. I have to delete the field contents using plain SQL so that the user can log in again. I am using drupal 6.13. and hat to replace the module by an apache redirect :|

Login or register to post comments

Comments

#1

Posted by Florian Streibelt on August 25, 2009 at 2:44pm
Title:Securelogin prevents creation of users and destoys user-data field in database and saves password in clear» Securelogin prevents creation of users and destroys user-data field in database and saves password in clear

#2

Posted by ianchan on October 7, 2010 at 9:59pm

subscribe

#3

Posted by mfb on October 29, 2010 at 12:20am
Status:active» postponed (maintainer needs more info)

This sounds bad, but I don't know how Secure Login could cause these problems. Could you provide a set of steps to reproduce?

#4

Posted by mfb on May 20, 2011 at 6:58am
Status:postponed (maintainer needs more info)» closed (cannot reproduce)

Closing, please reopen when you have more info.