New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
update_with_password does not check to see if new password and confirmation are the same #1947
Comments
the validation will only happen if you have validatable included, it is not part of update_with_password to validate new password and friends. |
This is the exact issue I am having. Even if validatable is included, update_with_password does not return false if password and password_confirmation are different or if password_confirmation is nil. |
@mdoroudi I would like to see your fix. |
@joelcdoyle I see now. I will reopen the other issue, it is indeed a bug. |
Yey! I helped. Thanks, @josevalim |
update_with_password doesn't check if the new password and confirmation matches so it just accepts the new password regardless.
I'm already working on it so I can just submit the fix.
The text was updated successfully, but these errors were encountered: