Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 5.0.0
-
Component/s: Client Interface, Staff Interface
-
Labels:None
Description
When submitting a one time password during the 2FA check that is longer than 16 characters, an error is returned:
String data, right truncated: 1406 Data too long for column 'otp' at row 1 on line 196 .../path/to/PdoConnection.php
User input should not exceed 16 characters. The reporter of this bug included the following diff for our consideration:
diff --git a/blesta/app/models/users.php b/blesta/app/models/users.php
index 3b6fa517..75e4ec57 100644
— a/blesta/app/models/users.php
+++ b/blesta/app/models/users.php
@@ -66,6 +66,11 @@ class Users extends AppModel
// Validate OTP
$rules = [
'otp' => [
+ 'valid' => [
+ 'rule' => ['maxLength', 16],
+ 'message' => $this->_('Users.!error.otp.auth'),
+ 'final' => true
+ ],
'auth' => [
'rule' => [[$this, 'validateOtp'], $user],
'message' => $this->_('Users.!error.otp.auth')
@@ -986,6 +991,11 @@ class Users extends AppModel
// Validate OTP
$rules['otp'] = [
+ 'valid' => [
+ 'rule' => ['maxLength', 16],
+ 'message' => $this->_('Users.!error.otp.auth'),
+ 'final' => true
+ ],
'auth' => [
'rule' => [[$this, 'validateOtp'], $user],
'message' => $this->_('Users.!error.otp.auth')
Activity
Paul Phillips
created issue -
Paul Phillips
made changes -
| Field | Original Value | New Value |
|---|---|---|
| Rank | Ranked higher |
| Rank | Ranked higher |
| Sprint | 5.1.0 Sprint 3 [ 127 ] |
| Rank | Ranked higher |
| Assignee | Jonathan Reissmueller [ jonathan ] |
| Status | Open [ 1 ] | In Progress [ 3 ] |
| Status | In Progress [ 3 ] | In Review [ 5 ] |
| Resolution | Fixed [ 1 ] |
| Remaining Estimate | 0 minutes [ 0 ] | |
| Time Spent | 25 minutes [ 1500 ] | |
| Worklog Id | 14804 [ 14804 ] |
| Status | In Review [ 5 ] | Closed [ 6 ] |
