From c5fad6075c68eff0ff0d60ace57680afb0a3e9ba Mon Sep 17 00:00:00 2001 From: Fred Tempez Date: Tue, 11 Apr 2023 14:53:39 +0200 Subject: [PATCH] =?UTF-8?q?Caract=C3=A8res=20sp=C3=A9ciaux=20dans=20le=20m?= =?UTF-8?q?ot=20de=20passe?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- core/module/user/user.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/core/module/user/user.php b/core/module/user/user.php index 8b4fc202..29e450b9 100644 --- a/core/module/user/user.php +++ b/core/module/user/user.php @@ -226,7 +226,7 @@ class user extends common $newPassword = $this->getData(['user', $this->getUrl(2), 'password']); if ($this->getInput('userEditNewPassword')) { // L'ancien mot de passe est correct - if (password_verify($this->getInput('userEditOldPassword'), $this->getData(['user', $this->getUrl(2), 'password']))) { + if (password_verify(html_entity_decode($this->getInput('userEditOldPassword')), $this->getData(['user', $this->getUrl(2), 'password']))) { // La confirmation correspond au mot de passe if ($this->getInput('userEditNewPassword') === $this->getInput('userEditConfirmPassword')) { $newPassword = $this->getInput('userEditNewPassword', helper::FILTER_PASSWORD, true); @@ -465,7 +465,7 @@ class user extends common if ( ($this->getData(['user', $userId, 'connectTimeout']) + $this->getData(['config', 'connect', 'timeout'])) < time() and $this->getData(['user', $userId, 'connectFail']) < $this->getData(['config', 'connect', 'attempt']) - and password_verify($this->getInput('userLoginPassword', helper::FILTER_STRING_SHORT, true), $this->getData(['user', $userId, 'password'])) + and password_verify(html_entity_decode($this->getInput('userLoginPassword', helper::FILTER_STRING_SHORT, true)), $this->getData(['user', $userId, 'password'])) and $this->getData(['user', $userId, 'group']) >= self::GROUP_MEMBER and $captcha === true ) {