diff options
| author | Mark Sapiro <msapiro@value.net> | 2011-05-09 18:34:07 -0700 |
|---|---|---|
| committer | Mark Sapiro <msapiro@value.net> | 2011-05-09 18:34:07 -0700 |
| commit | 168f74f5b381070879789f8b6c4e4ee8b599dbd6 (patch) | |
| tree | ff7e7aa77da017de17c03b29c242ee448acecc24 /Mailman/Cgi/subscribe.py | |
| parent | 68c8d57f95b53ed2dc204bf0ee617c650df00c9a (diff) | |
| download | mailman2-168f74f5b381070879789f8b6c4e4ee8b599dbd6.tar.gz mailman2-168f74f5b381070879789f8b6c4e4ee8b599dbd6.tar.xz mailman2-168f74f5b381070879789f8b6c4e4ee8b599dbd6.zip | |
Prevented setting user passwords with leading/trailing whitespace. Bug #778088.
Diffstat (limited to 'Mailman/Cgi/subscribe.py')
| -rw-r--r-- | Mailman/Cgi/subscribe.py | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/Mailman/Cgi/subscribe.py b/Mailman/Cgi/subscribe.py index 0d10eb19..7c49c51c 100644 --- a/Mailman/Cgi/subscribe.py +++ b/Mailman/Cgi/subscribe.py @@ -125,12 +125,12 @@ def process_form(mlist, doc, cgidata, lang): syslog('mischief', 'Attempt to self subscribe %s: %s', email, remote) results.append(_('You may not subscribe a list to itself!')) # If the user did not supply a password, generate one for him - password = cgidata.getvalue('pw') - confirmed = cgidata.getvalue('pw-conf') + password = cgidata.getvalue('pw', '').strip() + confirmed = cgidata.getvalue('pw-conf', '').strip() - if password is None and confirmed is None: + if not password and not confirmed: password = Utils.MakeRandomPassword() - elif password is None or confirmed is None: + elif not password or not confirmed: results.append(_('If you supply a password, you must confirm it.')) elif password <> confirmed: results.append(_('Your passwords did not match.')) |