New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

`$user->password($pw)` should hash the password #1571

rrelmy opened this Issue Aug 28, 2017 · 1 comment


None yet
2 participants

rrelmy commented Aug 28, 2017

Expected behaviour

Calling $user->password('secret') should update the hashed password.

Actual behaviour

The hashed password does not change and a new field password is appended to the user.yaml with the plain text password.

This should not happen under any circumstances.

Steps to reproduce

  1. Calling $user->password('secret'); $user->save();


Remove the hashed password before setting the new one will correctly hash the password

$user->remove('password_hash'); // Workaround for #1571

Server Details

Statamic Version: 2.6.6


This comment has been minimized.

rrelmy commented Aug 28, 2017

If you copy the Patch PHPStorm should automatically offer you to apply it to the project. If not you can use VCS » Apply Patch from Clipboard ;-)

Index: statamic/core/Data/Users/User.php
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
--- statamic/core/Data/Users/User.php    (revision 49405b956c2e9a9fb0cd2a8fa629feff4b0e3e4c)
+++ statamic/core/Data/Users/User.php    (revision )
@@ -83,6 +83,7 @@
         $this->set('password', $password);
+        $this->remove('password_hash');
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment