Value 0 as password passed the validation

Created on 5 August 2021, almost 4 years ago
Updated 4 May 2023, about 2 years ago

Problem/Motivation

When the user creates the password with the value "0" it passes any policy created because it thinks the password is empty.

The problem also happens when the password is a white space, but this may be a core related issue, because the core trims the password and when it gets to the validation method, it is in fact empty and will not be validated. (look at #3166462: White space as password passed the validation โ†’ )

Steps to reproduce

  • Create any password policy you want
  • Create a user with password "0"
  • It will pass the validation of the policies

Proposed resolution

Verify the "0" password.

Remaining tasks

Fix the problem
Add test coverage
Test the patch
Commit

๐Ÿ› Bug report
Status

RTBC

Version

3.0

Component

Code

Created by

๐Ÿ‡ง๐Ÿ‡ทBrazil hmendes

Live updates comments and jobs are added and updated live.
  • Needs tests

    The change is currently missing an automated test that fails when run with the original code, and succeeds when the bug has been fixed.

Sign in to follow issues

Merge Requests

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Production build 0.71.5 2024