Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

People with space in their password cannot change it #19

Open
siddhu323 opened this issue Aug 28, 2014 · 4 comments
Open

People with space in their password cannot change it #19

siddhu323 opened this issue Aug 28, 2014 · 4 comments
Labels
Bug report

Comments

@siddhu323
Copy link

Gives this error

Error! Usage: .[-+/?#!]passwd old password new password

Being caused due to choice of delimiter (space). Can be fixed by changing the delimiter to something else or by not allowing people to have space in their password.
@KuZon
Copy link

KuZon commented Feb 20, 2015

changing the command in to two steps
like !regme oldpass if ok then newpass
will it affect right click commands

@nishithshah2211
Copy link
Member

That is one approach. Another thing that we can do is this: Change the pattern here to:
sData:match "%b<> .%w+ (%S+ ?%S*) (%S+)|$"
This will allow users with space in their password to be changed to a new one, but without any spaces. If users give spaces in new password, absurd things will happen, and we can mention the same thing in hubtopic for a week or any relevant place where it should be mentioned; that 'if changing password, don't use spaces in new password; we are not accepting spaces in passwords anymore.'
For example:

s1 = 'old pass newpass'
s2 = 'oldpass newpass'
s3 = 'oldpass new pass'
s4 = 'old pass new pass'
s1:match "(%S+ ?%S*) (%S+)|$" -- 1st captured group = 'old pass'  2nd captured group = 'newpass'
s2:match "(%S+ ?%S*) (%S+)|$" -- 1st captured group = 'oldpass'  2nd captured group = 'newpass'
s3:match "(%S+ ?%S*) (%S+)|$" -- 1st captured group = 'oldpass new'  2nd captured group = 'pass'
s4:match "(%S+ ?%S*) (%S+)|$" -- 1st captured group = 'pass new'  2nd captured group = 'pass'

@KuZon1's suggestion is good, if it is not too much pain to change right click commands.
The above(very crude though; anything better from anyone?) can be done if we want to restrict users from using space in passwords.

@hjpotter92
Copy link
Member

What about the case when my password has more than one space? For eg. o l d pa ss wor d @nishithshah2211

@KuZon1 While your suggestion certainly is one way to go, it'd be too cumbersome to manage. Consider for eg. I try to change my password today. I send in !regme oldpass (or changepass, I don't remember the exact command). Then the hub sends me an OK flag aceepting my old password. Now, I change my mind about keeping the existing password (oldpass). The server would still keep waiting for me to pass a new command.

We can use the user's existing password in the pattern instead, and match everything that follows afterwards to be accepted as new password choice:

local sPattern = ( "%%b<> [-+*/?#!]%%w+ %s (.+)|$" ):format( RegMan.GetReg(tUser.sNick).sPassword )
local sNewPass = sData:match( sPattern )
if sNewPass then
    -- simply update user's password

@KuZon
Copy link

KuZon commented May 28, 2015

@hjpotter92 we can use timeout option

If we use this code we can capture newpass

local sPattern = ( "%%b<> [-+*/?#!]%%w+ %s (.+)|$" ):format( RegMan.GetReg(tUser.sNick).sPassword )
local sNewPass = sData:match( sPattern )
if sNewPass then
-- simply update user's password

I think we should restrict space in newpass in order to verify oldpass.
@nishithshah2211 what say ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hjpotter92 @siddhu323 @nishithshah2211 @KuZon