Forums / Install & configuration / ez publish authentication

ez publish authentication

« 
Previous topic
|
Install & configuration
|
Next topic
 »
Author Message

nicholas king

Tuesday 08 March 2011 6:30:40 am

Hello All,

we currently are having a issue with our install where users can goto the url {domain}/user/login

type in a valid username with no password and ez will log the person in as the user entered into the username box. So obviously our install is not checking passwords. Any ideas on how to force the install to check passwords on switching users?

Thanks

Nicholas

Greg McAvoy-Jensen

Tuesday 08 March 2011 8:18:20 am

In the admin interface, click on the setup tab, then upgrade > file consistency check. See if anyone has disabled password checking. This is occasionally useful during some custom development, but of course has to be reversed before the system is put into production.

Granite Horizon, Certified Developer of eZ Publish Web Solutions
Provider of the SaaS Solution Granite Horizon In The Cloud | http://granitehorizon.com/cloud
http://granitehorizon.com | +1 916 647 6350 | California USA | @granitegreg
Blog: http://granitehorizon.com/blog

nicholas king

Wednesday 09 March 2011 1:53:39 am

Hello Greg,

That is exactly what had happened inside of /kernel/classes/datatypes/ezuser/ezuser.php

i had to search for the following line

return eZUser::createHash( $user, $password, $site, $type, $hash ) === (string) $hash;

Thanks

Nicholas

eZ debug

Timing: Jan 17 2025 23:58:13
Script start
Timing: Jan 17 2025 23:58:13
Module start 'content'
Timing: Jan 17 2025 23:58:14
Module end 'content'
Timing: Jan 17 2025 23:58:14
Script end

Main resources:

Total runtime0.7558 sec
Peak memory usage4,096.0000 KB
Database Queries58

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0058 587.7344180.8359
Module start 'content' 0.00580.7442 768.5703538.7422
Module end 'content' 0.75000.0057 1,307.312542.2656
Script end 0.7557  1,349.5781 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.00300.4007140.0002
Check MTime0.00130.1784140.0001
Mysql Total
Database connection0.00050.069810.0005
Mysqli_queries0.715594.6788580.0123
Looping result0.00050.0633560.0000
Template Total0.729296.520.3646
Template load0.00180.243120.0009
Template processing0.727496.240720.3637
Template load and register function0.00010.019810.0001
states
state_id_array0.00060.076510.0006
state_identifier_array0.00080.101520.0004
Override
Cache load0.00150.2028180.0001
Sytem overhead
Fetch class attribute can translate value0.00060.083220.0003
Fetch class attribute name0.00090.116340.0002
XML
Image XML parsing0.00080.102820.0004
class_abstraction
Instantiating content class attribute0.00000.001340.0000
General
dbfile0.00290.3830200.0001
String conversion0.00000.000730.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1node/view/full.tplfull/forum_topic.tplextension/sevenx/design/simple/override/templates/full/forum_topic.tplEdit templateOverride template
3content/datatype/view/ezxmltext.tpl<No override>extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tplEdit templateOverride template
3content/datatype/view/ezxmltags/paragraph.tpl<No override>extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tplEdit templateOverride template
1content/datatype/view/ezimage.tpl<No override>extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tplEdit templateOverride template
1pagelayout.tpl<No override>extension/sevenx/design/simple/templates/pagelayout.tplEdit templateOverride template
 Number of times templates used: 9
 Number of unique templates used: 5

Time used to render debug report: 0.0001 secs