Last modified: 2010-05-15 15:37:33 UTC
Imagine this scenario: You forgot your password and activate: "Mail me a new
You are not able to assigne a new password. NEIGHER by letting "Old password"
empty NOR using the password received by e-mail. (message: The password you
entered is incorrect. Please try again.)
This failed at
IT WORKED at http://en.wikipedia.org/wiki/Special:Userlogin (using the e-mailed
password as "Old password").
Kind regards Reinhardt [[user:gangleri]]
You can't change the password at Special:Userlogin, go to Special:Preferences to
change your password.
(In reply to comment #1)
Special:Preferences needs the old password, which is no longer valid after login.
(In reply to comment #1)
> You can't change the password at Special:Userlogin, go to Special:Preferences to
> change your password.
I think Reihardt is referring to the place where the new password is mailed from.
I can confirm the description. The problem is that in order to change the
password in Special:Preferences, the old password must be given. In this case,
the old password is neither blank, nor the one received by mail. It's the one
that was forgotten.
here the solution.
please comment out the marked line:
# use the temporary one-time password only once: clear it now !
#### $this->mNewpassword = ''; caused bugzilla 2126 - preventing the re-use
of temp passw
I have introduced the clearance of the temporary password, so that it can be
only used once, but overlooked the side effect which is now reported (that
nobody can use the temp password for a second time, in order to _change_ or set
a new password.)
So, please can someome of the developers comment the one line ?
I think, my basic idea to allow ONLY ONE login with the temporary password was
not bad (but admittedly, it caused the problems mentioned in this bugzilla)
(amended the title to cover an additional aspect, which was also the reason for
(In reply to comment #4)
> hello all.
> here the solution.
> In /includes/User.php
> function checkpassword()
> please comment out the marked line:
Fixed in CVS, please provide a proper patch to address this.
> Fixed in CVS, please provide a proper patch to address this.
(In reply to comment #7)
> > Fixed in CVS, please provide a proper patch to address this.
> "costs extra"
We all live to serve :-) What I requested was a patch that adresses this
problem, and does something sensible to correct the problem. I do not need a
patch to place a # at the correct place.
Seems to work fine, currently.