Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.When passwords are generated, there is no check to ensure the password is not already in use, assigned to a previous node.
Although the chances of duplicates are low, this could in theory lead to a user accidentally getting access to nodes they should not.
I have attached a patch to ensure unique passwords, please let me know if the patch has not been created correctly.
| Comment | File | Size | Author |
|---|---|---|---|
| ensure_unique_passwords.patch | 1.07 KB | grahamu |
Comments
Comment #1
danielb commentedBit of a delay on this issue because I will have to organise this for both D6 and D7.
Comment #2
danielb commentedPatch added to 6 and 7, cheers.