Need Beta Testers
#1
I need beta testers for my newest plugin, "Security Question Reset Password Option".

Download to version 0.2 is below.

PM me any vulnerabilities, reply here for glitches and other suggestions.
Oh, and I know it uses pre_output_page a bit but that'll be template edits in v 0.3.


Attached Files
.php   secqresetpass.php (Size: 6.67 KB / Downloads: 160)
-Paul H.

Cogisne lingua latina?
Reply
#2
Just quickly skimmed through it.

Line 110:
$query = $db->query("SELECT * FROM ".TABLE_PREFIX."users WHERE email='[email protected]'");
Toungue
--Pyridine
Reply
#3
Oh, derp.

Fixed.
Updated again.
-Paul H.

Cogisne lingua latina?
Reply
#4
This user has been denied support. This user has been denied support.
Okay, I've had a go at testing this over localhost. All things are fine, but when you go to change password to change security question, to change security question, one needs to change their password to new password as well, otherwise it'd throw back an error.

I'd like you to update it of adding a separate page for security questions under change password so that both doesn't gets mixed up.

Function is fine, although haven't tested it for any vulnerabilities.
edit: found out one more thing or bug, if I go to reset password via security question and answer it correctly and keep new password as admin, it takes back to lost pw page. I guess that is because of the settings of ACP of minimum password length, but you should create a notice instead of redirecting them back to reset page that enter at least minimum of 6 characters password so they won't be confused.
Reply
#5
Hmmm, I thought I solved that first problem.


I'll fix these later, thanks.
-Paul H.

Cogisne lingua latina?
Reply
#6
This being released ever?
[Image: signature.php?uid=1]
Reply
#7
This user has been denied support. This user has been denied support.
(2012-03-15, 07:40 AM)Shiro Wrote: This being released ever?
It should work fine I believe.

Reply
#8
What's the point of this?
rebuild_settings();

You've added an underscore before 'users' in this query
	$result = $db->query("ALTER TABLE ".TABLE_PREFIX."_users DROP resetpass_question, DROP resetpass_answer;");
Also recommend using write_query() because that's what it should be, but I guess no-one cares.


I don't recommend doing this - it's not required and may invalidate other logged in sessions (but maybe that's what you want, IDK):
function secq_pass_define()
{
	global $mybb;
	if($mybb->input['password'] == '' && $mybb->input['password2'] == '') {
		$mybb->input['password2'] = $mybb->input['oldpassword'];
		$mybb->input['password'] = $mybb->input['oldpassword'];
	}
}

All instances of "user['resetpass_question']" need to be run through htmlspecialchars before outputting.
I can't be bothered looking at any more code. It doesn't appear that it does anything on user registration - maybe you want to think about that.
Hope the above helps.
Reply
#9
Haven't touched this in ages.... may have to start it again. I'll probably do a complete rewrite.
-Paul H.

Cogisne lingua latina?
Reply
#10
(2012-03-16, 12:06 AM)Paul H. Wrote: ... I'll probably do a complete rewrite.

This plugin would be a great option to have, more security is always better in my opinion! Big Grin
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)