ID: 0005001
Project: SMF 2.0
Category: General
View Status: public
Last Update: 2014-04-20 16:41
Reporter: Owdy
Priority: normal
Severity: minor
Reproducibility: have not tried
Status: closed
Resolution: fixed
Summary: 0005001: Login error with non-ASCII characters
Description: In SMF, usernames are not case sensitive at login. But if you type the username with the wrong letter case and it contains non-ASCII characters, SMF gives a password error on the first login attempt. The second time it works.
Steps To Reproduce:
1. Create user: Ääkkönen

2. Login with "Ääkkönen" and correct password -> works fine.

3. Login with "ääkkönen" and correct password -> it gives a password error. Try again with the same "ääkkönen" and the correct password; the second time everything works fine. Happens every time.

It does that with usernames containing non-ASCII characters, like öä etc.
Tags: 2.1
Attached Files
  • patches_bug_5001.diff (5,355 bytes) 2012-12-05 15:14
    Index: 2.0/Sources/Register.php
    ===================================================================
    --- 2.0/Sources/Register.php	(revision 10996)
    +++ 2.0/Sources/Register.php	(working copy)
    @@ -510,7 +510,7 @@
     	{
     		call_integration_hook('integrate_activate', array($row['member_name']));
     
    -		setLoginCookie(60 * $modSettings['cookieTime'], $memberID, sha1(sha1(strtolower($regOptions['username']) . $regOptions['password']) . $regOptions['register_vars']['password_salt']));
    +		setLoginCookie(60 * $modSettings['cookieTime'], $memberID, sha1(sha1($smcFunc['strtolower']($regOptions['username']) . $regOptions['password']) . $regOptions['register_vars']['password_salt']));
     
     		redirectexit('action=login2;sa=check;member=' . $memberID, $context['server']['needs_login_fix']);
     	}
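Review bot: the changed line calls $smcFunc['strtolower'] but, unlike the Security.php hunk in this same patch, no `global ... $smcFunc` line is added here; confirm that the enclosing function already declares $smcFunc global, otherwise the call hits an undefined variable and the activation path fatals instead of setting the cookie. The cookie value is sha1(sha1(lowercased username . password) . salt), so the lowercasing used here must be byte-for-byte the same as the one used when 'passwd' is stored in Subs-Members.php, or newly activated members get a cookie that never validates.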
    @@ -564,7 +564,7 @@
     	$smcFunc['db_free_result']($request);
     
     	// Change their email address? (they probably tried a fake one first :P.)
    -	if (isset($_POST['new_email'], $_REQUEST['passwd']) && sha1(strtolower($row['member_name']) . $_REQUEST['passwd']) == $row['passwd'])
    +	if (isset($_POST['new_email'], $_REQUEST['passwd']) && sha1($smcFunc['strtolower']($row['member_name']) . $_REQUEST['passwd']) == $row['passwd'])
     	{
     		if (empty($modSettings['registration_method']) || $modSettings['registration_method'] == 3)
     			fatal_lang_error('no_access', false);
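Review bot: the email-change check on the changed line compares two sha1 hex strings with `==`; PHP's loose comparison treats numeric-looking strings (for example ones starting with `0e` followed only by digits) as numerically equal, so this should be `===`. The password is also read from $_REQUEST rather than $_POST, which accepts it from the query string where it ends up in server logs and referers; restricting it to $_POST would fit naturally alongside this change.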
    Index: 2.0/Sources/Security.php
    ===================================================================
    --- 2.0/Sources/Security.php	(revision 11000)
    +++ 2.0/Sources/Security.php	(working copy)
    @@ -103,7 +103,7 @@
     // Check if the user is who he/she says he is
     function validateSession()
     {
    -	global $modSettings, $sourcedir, $user_info, $sc, $user_settings;
    +	global $modSettings, $sourcedir, $user_info, $sc, $user_settings, $smcFunc;
     
     	// We don't care if the option is off, because Guests should NEVER get past here.
     	is_not_guest();
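Review bot: adding $smcFunc to the global list here is what the $smcFunc['strtolower'] call in the next hunk of this file needs. The Register.php, Subs-Members.php, Reminder.php and Subs-Auth.php hunks make the same call without a corresponding global declaration visible in their context, so each of those functions should be checked for an existing `global $smcFunc` before this is committed.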
    @@ -139,7 +139,7 @@
     		$good_password = in_array(true, call_integration_hook('integrate_verify_password', array($user_info['username'], $_POST['admin_pass'], false)), true);
     
     		// Password correct?
    -		if ($good_password || sha1(strtolower($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
    +		if ($good_password || sha1($smcFunc['strtolower']($user_info['username']) . $_POST['admin_pass']) == $user_info['passwd'])
     		{
     			$_SESSION['admin_time'] = time();
     			unset($_SESSION['request_referer']);
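Review bot: same `==` comparison of sha1 hex strings as in the Register.php hunk; use `===`. This server-side lowercasing also has to agree with what hashAdminPassword in script.js does to the username before hashing (the notes below discuss the php_strtolower/php_to8bit order), otherwise admin re-authentication fails for non-ASCII usernames in exactly the way the login form does.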
    Index: 2.0/Sources/ManagePaid.php
    ===================================================================
    --- 2.0/Sources/ManagePaid.php	(revision 10996)
    +++ 2.0/Sources/ManagePaid.php	(working copy)
    @@ -1747,7 +1747,7 @@
     	{
     		while (($file = readdir($dh)) !== false)
     		{
    -			if (is_file($sourcedir .'/'. $file) && preg_match('~Subscriptions-([A-Za-z\d]+)\.php~', $file, $matches))
    +			if (is_file($sourcedir .'/'. $file) && preg_match('~^Subscriptions-([A-Za-z\d]+)\.php$~', $file, $matches))
     			{
     				// Check this is definitely a valid gateway!
     				$fp = fopen($sourcedir . '/' . $file, 'rb');
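Review bot: anchoring the gateway-file pattern with `^...$` is a sensible tightening of the match but is unrelated to the non-ASCII login bug; it belongs in its own commit so the login fix can be reviewed and backported on its own. If it stays, note that `$` in PCRE also matches immediately before a trailing newline, so `\z` (or the `D` modifier) is the strict end-of-string anchor.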
    Index: 2.0/Sources/Subs-Members.php
    ===================================================================
    --- 2.0/Sources/Subs-Members.php	(revision 10996)
    +++ 2.0/Sources/Subs-Members.php	(working copy)
    @@ -641,7 +641,7 @@
     	$regOptions['register_vars'] = array(
     		'member_name' => $regOptions['username'],
     		'email_address' => $regOptions['email'],
    -		'passwd' => sha1(strtolower($regOptions['username']) . $regOptions['password']),
    +		'passwd' => sha1($smcFunc['strtolower']($regOptions['username']) . $regOptions['password']),
     		'password_salt' => substr(md5(mt_rand()), 0, 4) ,
     		'posts' => 0,
     		'date_registered' => time(),
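Review bot: switching the stored 'passwd' to $smcFunc['strtolower'] only affects members registered after the patch. Members whose names contain non-ASCII characters already have hashes computed with strtolower(), which leaves those characters untouched, so their stored value will not match a hash computed with the new lowercasing; bugnote 0014690 below acknowledges this. A transition step at login (on mismatch, retry with the old strtolower() form and rehash on success) would avoid forcing those members through a password reset. The $smcFunc global-declaration point from the Security.php hunk applies here too.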
    Index: 2.0/Sources/Reminder.php
    ===================================================================
    --- 2.0/Sources/Reminder.php	(revision 10996)
    +++ 2.0/Sources/Reminder.php	(working copy)
    @@ -260,7 +260,7 @@
     	validatePasswordFlood($_POST['u'], $flood_value, true);
     
     	// User validated.  Update the database!
    -	updateMemberData($_POST['u'], array('validation_code' => '', 'passwd' => sha1(strtolower($username) . $_POST['passwrd1'])));
    +	updateMemberData($_POST['u'], array('validation_code' => '', 'passwd' => sha1($smcFunc['strtolower']($username) . $_POST['passwrd1'])));
     
     	call_integration_hook('integrate_reset_pass', array($username, $username, $_POST['passwrd1']));
     
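Review bot: both `$username` and `$smcFunc` are used on the changed line and neither is declared in the visible context; verify the enclosing function has `global $smcFunc` and that `$username` is the member_name fetched for $_POST['u'], since hashing against any other value silently stores an unusable password.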
    @@ -379,7 +379,7 @@
     		fatal_lang_error('profile_error_password_' . $passwordError, false);
     
     	// Alright, so long as 'yer sure.
    -	updateMemberData($row['id_member'], array('passwd' => sha1(strtolower($row['member_name']) . $_POST['passwrd1'])));
    +	updateMemberData($row['id_member'], array('passwd' => sha1($smcFunc['strtolower']($row['member_name']) . $_POST['passwrd1'])));
     
     	call_integration_hook('integrate_reset_pass', array($row['member_name'], $row['member_name'], $_POST['passwrd1']));
     
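Review bot: this is the same change as the @@ -260 hunk applied to the second reset path, and both are followed by the same integrate_reset_pass hook call. The sha1($smcFunc['strtolower'](name) . password) expression is now duplicated at seven sites across this patch (two in Register.php, one in Security.php, one in Subs-Members.php, two here, one in Subs-Auth.php); factoring it into a single helper such as a hypothetical hashPassword($name, $password) would mean the next hashing change touches one place instead of seven.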
    Index: 2.0/Sources/Subs-Auth.php
    ===================================================================
    --- 2.0/Sources/Subs-Auth.php	(revision 10996)
    +++ 2.0/Sources/Subs-Auth.php	(working copy)
    @@ -580,7 +580,7 @@
     
     	// Generate a random password.
     	$newPassword = substr(preg_replace('/\W/', '', md5(mt_rand())), 0, 10);
    -	$newPassword_sha1 = sha1(strtolower($user) . $newPassword);
    +	$newPassword_sha1 = sha1($smcFunc['strtolower']($user) . $newPassword);
     
     	// Do some checks on the username if needed.
     	if ($username !== null)
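Review bot: the changed line lowercases `$user` while the check two lines below tests `$username`; confirm these hold the same value, since hashing against the wrong name produces a password the member cannot use. Separately, the generated password on the preceding context line comes from mt_rand(), which is not a cryptographically secure generator, and preg_replace('/\W/', '', ...) is a no-op on md5's hex output, so the result is ten hex characters (40 bits) from a predictable source; moving to a CSPRNG-backed generator is a worthwhile follow-up outside this bug.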
    
Notes

bugnote:0014671

emanuele (Viewer)

This seems to be related to the javascript hashing of the password, playing around with it seems that changing the order of the operations fixes the issue, so instead of:
> [value|username].php_to8bit().php_strtolower()
doing:
> [value|username].php_strtolower().php_to8bit()
works.

This should be done in the functions hashLoginPassword, hashAdminPassword and hashModeratePassword.

If you can confirm it works, I'll commit the fix.

bugnote:0014674

Owdy (SMF Friend)

Last edited: 2012-08-21 13:59

Sorry, I need more details. Where is that function? What file do I edit?

bugnote:0014675

emanuele (Viewer)

No problem. ;)

The three functions are in script.js (Themes/default/script).

bugnote:0014680

Owdy (SMF Friend)

Hello

Attached our file. Didn't fix it.

bugnote:0014681

emanuele (Viewer)

Did you clean up your browser's cache? (just to be sure ;))

bugnote:0014682

Owdy (SMF Friend)

Yes

bugnote:0014685

emanuele (Viewer)

Disregard my previous comment for a while

bugnote:0014688

emanuele (Viewer)

Okay, the proposed fix doesn't fix the issue.

If you need a quick workaround you can disable the hashing by default (in any case it doesn't work, so it's useless anyway).
To do it, just change the above function by adding a:
[code]return true;[/code]
just after the first open bracket:
-------->8----------
function hashLoginPassword(doForm, cur_session_id)
{
    return true;
-------->8-----------

bugnote:0014690

emanuele (Viewer)

I changed all the strtolower to $smcFunc['strtolower'] involved in hashing the password and it *seems* to work with newly registered users, but I don't think there is a way to fix it for already registered users, except updating the password...

bugnote:0014691

Owdy (SMF Friend)

Can you attach fixed file?

bugnote:0014692

Owdy (SMF Friend)

In wap2 mode, this works just fine. Solution could be in there :)

bugnote:0014693

emanuele (Viewer)

In wap2 it works because the password is not hashed "client-side" (no javascript).

At the moment I cannot attach changes because I tested it on 2.1 codebase, I'll try next week/s to apply the same changes to a clean 2.0 and attach the files involved.

bugnote:0014696

Owdy (SMF Friend)

Did you test this?

bugnote:0014701

emanuele (Viewer)

Sorry, I didn't have much time to adapt the patch to 2.0... :-[
Well, TBH I didn't even test it on 2.1. ::)

bugnote:0014756

emanuele (Viewer)

Sorry for the very long time, try the attached patch (if you prefer it in the form of a mod I should be able to provide one, just let me know).

It should fix the issue for newly registered members and hopefully for already registered members after changing their password.

Let me know if it works! ;)

bugnote:0015015

Antes (Team Member)

Please track here: https://github.com/SimpleMachines/SMF2.1/issues/1538
MantisBT (Modified for SMF Integration) Copyright © 2000 - 2010 Mantis Group