Ticket #325 (closed Bug report: fixed)
Install.php doesn't validate initial wifidog password properly
|Reported by:||golden_rock@…||Owned by:||Robin Jones|
|Priority:||low||Milestone:||WifiDog Auth Server 1.0|
|Component:||Auth server, Authentication, permissions and access control||Version:|
The problem is simple: when I installed wifidog with install.php, I set a password with lots of special characters including *, &, ! and more. The installation allowed me to go on, and wifidog worked well.
I went over this bug by modifying the formutils.js file, making the isValidPassword() function return true all the times, change my password and then restore the old formutils.js file. It worked.
Wifidog shouldn't have let me use special characters initially if change_password.php doesn't allow them. And should change_password validate the old password field? Perhaps.
My wifidog auth server version dates from 2006-12-12. If the bug hasn't been discovered yet, then here's an occasion to fix it.