We have moved to GitHub Issues
Created by Dirk 26 Apr 2014, 19:51:12 Updated by Sebastiaan Janssen 30 Apr 2014, 15:18:33
Is duplicated by: U4-4793
Method SaveUser_Click in umbraco.cms.presentation.user.EditUser.aspx.cs ChangePassword() first changes and saves new password. But later on u.clearApplications() overrides the new password with the old one.
similar problem in install step defaultUser. First membershipUser.ChangePassword() sets the new password but then user.Save() overrides it with the previous or "default" value.
And also method tmp_save() in umbraco.cms.presentation.members.EditMember has this bug in line 413 ChangePassword() and line 437 _memberEntity.Save()
Possible solution: get the current user / member in temp var to get the new password and update the original object e. g. for EditUser: ... ChangePassword(passwordChangerControl, membershipUser, passwordChangerValidator); var tmpUser = BusinessLogic.User.GetUser(u.Id); u.Password = tmpUser.Password; ...
The problem is a dirty check on the password field at the repository level. We do this check in the member repo but not in the user repo. The problem is that the change password method at the membership provider level does change the password properly but it gets overwritten by the old password again on the next save. The password should only be updated if it is changed so we just need to do a dirty check on the property.
fixed in 033fd1b7ff78e3fd334696b220c88b40d755a930
That sounds a lot better ;-) Thank you Shannon
Assignee: Shannon Deminick
Backwards Compatible: True
Fix Submitted: Pull request
Due in version: 6.2.0, 7.1.2