[Vtigercrm-commits] [vtiger development] #6019: Forgot Password in the Customer Portal login page retrieve wrong password
vtiger development
vtiger-tickets at trac.vtiger.com
Wed Jun 3 16:47:58 EDT 2009
#6019: Forgot Password in the Customer Portal login page retrieve wrong password
------------------------------+---------------------------------------------
Reporter: Pierluigi.Bucolo | Owner: developer
Type: defect | Status: new
Priority: critical | Milestone: 5.1.0
Component: customerportal | Version: 5.1.0-val2
Keywords: |
------------------------------+---------------------------------------------
Forgot Password in the Customer Portal login page when there are two
contacts having the same email, retrieve only the first password in the
vtiger_portalinfo.
The Customer Portal use EmailID/Password like UNIQUEID to authenticate the
contact.
(see: http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/5908).
The form to retrieve the password ask ONLY for the EmailID that identify
two (or more) contacts, so the emailId provide an ambiguous key.
If two contacts share the same ID and togheter have access to the portal,
in case of password retrieve only the first portal enabled contact can
retrieve own password.
Sorry, but I don't understand this design.
The Email is personal. Why different contacts can be use the same email ?
For me the EmailID must be UNIQUE and must be a KEY in the
vtiger_contactdetails table, so in the vtiger_portalinfo there will be no
ambiguity.
Please correct this issue.
--
Ticket URL: <http://trac.vtiger.com/cgi-bin/trac.cgi/ticket/6019>
vtiger development <http://trac.vtiger.com/>
vtigerCRM
More information about the vtigercrm-commits
mailing list