April Lorenzen wrote:
When I create a new user in the dbmail administrator with password
type "plain", the password type in the database table comes out as
"on" (no quotes).
?????
I have been manually fixing it in the table, or just using
dbmail-users to create users. But now I have customers who want to
manage their own domains so I need the administrator web app to be
able to create users....
Thank you,
- April
Hello April.
I have been able to replicate this in Internet Explorer on only some
machines.
The browser is passing a value of "on" instead of blank when you
initially check "plain" password in the row of check boxes. It should
post the value as blank i.e.:($encrypttype=&nextkey=value&$etc=etc)
The next window to open gives you an opportunity to proof-read and
correct your entries, after which the password is then encrypted or not
based on the value of 'encrypt type' which you enter in the
corresponding text box. (i.e.: Encrypt Type_________ Type plain,
md5sum, md5 or crypt.)
This "on" value, although an annoying bug, has no impact whatsoever and
the password is interpreted as "plain".
This bug is eliminated in the current version of DBMA which you can
download from http://library.mobrien.com/dbmailadministrator/
The default setting is to encrypt the password which is a "best
pratices" thing and a good idea.
In the latest version of DBMA there is a filter which checks for the
correct value of the $encrypttype key and forces various entries to
"blank" if the browser is passing "on" or "off" or the user has typed
"plain", "on", "off", "clear", "ascii", "cleartext", "plaintext",
"none", "", " " etceteras.
best... Mike
