Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authenticate() does not check for disabled user account. #17

Closed
NathanGibbs3 opened this issue Apr 19, 2019 · 0 comments
Closed

Authenticate() does not check for disabled user account. #17

NathanGibbs3 opened this issue Apr 19, 2019 · 0 comments
Assignees
@NathanGibbs3
Labels
bug Something isn't working invalid This doesn't seem right LCB-TechDebt Issue exists in Legacy Code Base. We inherited it. Prod Observed in Production Environment. Security Issue impacts or is related to App Security.
Milestone
1.4.6

Comments

@NathanGibbs3
Copy link
Owner

NathanGibbs3 commented Apr 19, 2019
edited
Loading

File: includes/base_auth.inc.php
Class: BaseUser
Function: Authenticate() & AuthenticateNoCookie()
Expected Behavior:
Disabled accounts are denied login.
Current Behavior:
Function does not check for disabled account.
@NathanGibbs3 NathanGibbs3 added bug Something isn't working invalid This doesn't seem right Prod Observed in Production Environment. LCB-TechDebt Issue exists in Legacy Code Base. We inherited it. Security Issue impacts or is related to App Security. labels Apr 19, 2019
@NathanGibbs3 NathanGibbs3 mentioned this issue Apr 19, 2019
Open
@NathanGibbs3 NathanGibbs3 added this to the 1.4.6 milestone Oct 17, 2020
@NathanGibbs3 NathanGibbs3 added Stability Issue impacts or is related to App Stability. and removed Stability Issue impacts or is related to App Stability. labels Dec 3, 2021
@NathanGibbs3 NathanGibbs3 self-assigned this Feb 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NathanGibbs3 NathanGibbs3

Labels
bug Something isn't working invalid This doesn't seem right LCB-TechDebt Issue exists in Legacy Code Base. We inherited it. Prod Observed in Production Environment. Security Issue impacts or is related to App Security.
Projects
None yet
Milestone
1.4.6
Development

No branches or pull requests
1 participant
@NathanGibbs3