Admin_User password bug in v1.82

Hi -

First, great job on this coding. I first tried this out for my family website with ver 1.75. I wanted a simple security check for pages to help keep the riff raff out of personal photos or info. I modified that v1.75 installation into the v1.82 version when I found that you had added access levels. Great addition!

I just noticed the Admin_user page password update error I think you resolved in the 1.83 version. I just downloaded the v1.88 but can't see where anything has changed for this area. Is there a quick fix on the 1.82 version to enable password changes under the Admin_user page?

If going to v1.88 is the best solution is there a short list of files that actually need to change? I have edited many of the login and update pages with graphics and don't want to just copy over everything.


Thanks... Dan

[Free WordPress Themes]

Hello Dan,

I don't think that you have to change your files because all important updates are done in the class files. I'm not sure about the versions 1.7x but the latest versions have to work if you replace the class files.

What went wrong with the admin page? passwords? never heard about.. please tell me more about this error you get.

Thanks for the prompt reply.

Sorry, I assumed the error I was getting was the "small bug" referred to in the Changes.txt file for version 1.83.

When using the "admin_user" page to update users records - If I attempt to alter the password field in anyway I will get the "Database error, please try again!" message. The code catches the less than 4 character for password length check properly but if I try to change the password properly I will always get the "Database" error. All other fields (access level, email, active, etc.) update properly so long as I don't edit the password field. The function update_user_by_admin($new_level, $user_id, $def_pass, $new_email, $active, $confirmation = "no") seems to be the location of the error.

Thanks... Dan
   

[Free WordPress Themes]

...hm, you know the problem is already solved I can't say whats your problem here.

But we will give it a try, what happens If you update a record?

place an echo in front of this row of admin_user.php

Code:

$sql_compl = sprintf($sql, $this->table_name, $new_level, $new_email, $active, $user_id);

Hi Olaf -

Thanks for the assistance. I found it. Here is the line from my v.182 update_user_by_admin function causing the problem -

$sql .= ($def_pass != "") ? sprintf(", SET pw = '%s'", md5($def_pass)) : "";

After seeing the ECHO from the $sql_compl I noticed the extra SET showing up before pw =. I removed the "SET" from "SET pw =" and everything is working. I doubled checked your v1.88 code and there is no "SET pw =" just the "pw =".

Thanks very much... Dan

[Free WordPress Themes]

you're welcome, that was the small bug

[Guest]

[37.741]

Yahoo crawler, Googlebot, Msnbot, Gigabot