So as I was installing and testing BlogEngine.NET as the blog service for Rapidparts Inc, I found a bug in the Change Password functionality. A fellow blogger was trying to change his password and it would inform him that the password change was successful, however, when he attempted to log in, he was unable to use the new password, but the old password still worked.
Since BlogEngine.NET uses a plain text XML file to store bloggers user information, I decided to investigate. I found that this certain blogger's password was the same as three others when he tried to change his password. I decided to jump into the code and see what might be breaking. Upon looking at the method that was changing the password it was looping through each user in the XML file and comparing if the username was equal to the user who was logged in or if the password was equal to the "old password" that was supplied. Since this user's password was the same as those other three users, it changed the first one that matched instead.
I made the change in the code and republished and everything worked as expected. I submitted a bug to the creators of BlogEngine.NET, we'll see what they have to say about my repairs
Comments
May 4. 2009 07:24
Great to hear that! By the way, thanks for the information webmaster!
That Com
May 12. 2009 14:50
Great post webmaster.
Phone Number
July 1. 2009 16:54
Just because we've grown up and our stage looks a bit different now, we haven't outgrown the tendency to shine when we're appreciated.
vajinismus
Home
© Rapidparts, Inc 2008 | 2950 Walkent Ct. NW, Grand Rapids, MI 49544 | Phone 616.647.2500 | info@rpionline.com