lsm/Orchard
1
0
Fork 0
mirror of https://github.com/OrchardCMS/Orchard.git synced 2025-08-01 19:58:57 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

#19896: Don't validate password inputs

Browse Source 
Work Item: 19896
This commit is contained in:
Sebastien Ros 2013-10-23 15:49:32 -07:00
parent d079d8aacd
commit 103e71d42f
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/Orchard.Web/Modules/Orchard.Users/Controllers/AccountController.cs
View File

@ -75,6 +75,7 @@ namespace Orchard.Users.Controllers {
[HttpPost]
[AlwaysAccessible]
[ValidateInput(false)]
[SuppressMessage("Microsoft.Design", "CA1054:UriParametersShouldNotBeStrings",
Justification = "Needs to take same parameter type as Controller.Redirect()")]
public ActionResult LogOn(string userNameOrEmail, string password, string returnUrl, bool rememberMe = false) {
@ -120,6 +121,7 @@ namespace Orchard.Users.Controllers {
[HttpPost]
[AlwaysAccessible]
[ValidateInput(false)]
public ActionResult Register(string userName, string email, string password, string confirmPassword) {
// ensure users can register
var registrationSettings = _orchardServices.WorkContext.CurrentSite.As<RegistrationSettingsPart>();
@ -249,6 +251,7 @@ namespace Orchard.Users.Controllers {
}
[HttpPost]
[ValidateInput(false)]
public ActionResult LostPassword(string nonce, string newPassword, string confirmPassword) {
IUser user;
if ( (user = _userService.ValidateLostPassword(nonce)) == null ) {