[2.0.17.8] Fixed the password reset ' bug

jrapage

If you are running V2.0.17.8, chances are your password reset mechanism will fail. After clicking the link in the email and selecting a new password, you will find this fatal error:

Fatal error: Nesting level too deep - recursive dependency? in /home/XXXXXX/library/core/class.authenticator.php on line 122

In PHP there are two comparison operators, == and ===. It’s generally known that the first is not strict about type but the second is. When comparing two objects using the non-strict comparison operator (==) PHP compares all the properties of the objects and if they match the objects are deemed to be equal. If they don’t match they are not equal. In effect, we have a recursive comparison of all the properties of each object, and all their properties, etc. until we reach basic data types like strings and integers.
If, however, we use strict comparison (===), PHP will check whether the two objects are exactly the same object, not just objects with the same properties.

The solution to this problem with Vanilla is to make edits to the following two files:

core/class.authenticator.php Line 122 if ($DataSource == $this) { -> if ($DataSource === $this) {

AND

core/authenticators/class.passwordauthenticator.php Line 107 if (is_object($this->_DataSource) && ($this->_DataSource == $this || $this->_DataSource->IsPostBack() === TRUE)) { ---> if (is_object($this->_DataSource) && ($this->_DataSource === $this || $this->_DataSource->IsPostBack() === TRUE)) {

tester13

Hope to find this fix in next release.

boyquotes

Hi,

I have a vanilla forum ( 2.0.17.10 ) and i have the same bug...

And this patch solve the bug, thanks,

Nicolas