MyBB Community Forums

Full Version: Verify password problem / mybb settings bug?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I'm having a problem registering users.

The verify_password function is saying my password length is incorrect, but it isn't. Settings say between 6-30 and mine is 9...last time I checked my math that was between 6 and 30 :p

So I threw a couple emails in the userhandler for debugging (see code below) and when it tries to get the values for those settings, they're empty (see email text). I'm assuming that's why my password is failing.
function verify_password()
	{
		global $mybb;

		$user = &$this->data;
mail('[email protected]', 'Pass lengths', "Min: {$mybb->settings['minpasswordlength']}\r\nMax: {$mybb->settings['maxpasswordlength']}");
		// Always check for the length of the password.
		if(my_strlen($user['password']) < $mybb->settings['minpasswordlength'] || my_strlen($user['password']) > $mybb->settings['maxpasswordlength'])
		{
			$this->set_error('invalid_password_length', array($mybb->settings['minpasswordlength'], $mybb->settings['maxpasswordlength']));
			return false;
		}

Quote:Min:
Max:

So my question is, why would those be empty? They're set in the config. Any ideas what's going on?

I added the following code to the beginning of the verify_password function to verify the settings are empty and everything worked correctly. So those settings are not set.

$mybb->settings['minpasswordlength'] = (!isset($mybb->settings['minpasswordlength']) || empty($mybb->settings['minpasswordlength'])) ? 6 : $mybb->settings['minpasswordlength'];
$mybb->settings['maxpasswordlength'] = (!isset($mybb->settings['maxpasswordlength']) || empty($mybb->settings['maxpasswordlength'])) ? 30 : $mybb->settings['maxpasswordlength'];

Is this a bug that is causing the settings to not be available here? I'd rather not do core edits..
The only reason I may think of is that you are not loading the MyBB core.
While trying to track down an unrelated issue, I found that when registering a new user, it fails the password length check in the php code, but doesn't foul out. I've probably never noticed because the js check usually stops incorrect password lengths. (While testing, I did notice it will allow over the max though.)

The only thing I changed was to add the previous work-around (temporarily). But, this gives me a great place to start looking, thank you very much!

Could this have been something that went wrong in install or config? Or perhaps with a plugin? I have another board that I don't think does this, but I haven't had time to check, admittedly.

I appreciate your help Smile