Jump to:

5537 Posts in 1737 Topics by 1223 members

Customising the CMS

SilverStripe Forums » Customising the CMS » Username/password case sensitivity and login error messages

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 599 Views
  • sra
    Community Member
    1 Post

    Username/password case sensitivity and login error messages Link to this post

    Hi all,

    Not sure if this is the right place to post, so if the mods need to move it, please do so.

    I've taken over a SilverStripe website and the users have noticed two things they would like changed:

    1. The username and password fields when you log in are case sensitive. Putting aside arguments of whether or not a password should be all one case, how would I modify SilverStripe to achieve this? I'd like to find the file and line of code I need to modify. At a guess, I'm hoping that I can track down the string comparison between the username entered and what is in the database, and transform both to lowercase (or upper) just for the comparison. I've been poking around the /sapphire/security/MemberLoginForm.php file at the moment. I'm open to your recommendations though!

    2. If a user enters a username in to the login form that is utterly wrong (not one that exists in the database) and submits this, no error message comes back after the post back. The user just sees the blank form rather than a message saying that the username or password is wrong. To actually get the error message, you need to have a username that is in the database, but with incorrect case (hence the question above as well). Where in SS should I be looking for this comparison so I can display an error message more befitting?

    It is a SS 2.4.7 website.

    TIA. Much appreciated.

  • Nicolaas
    Forum Moderator
    213 Posts

    Re: Username/password case sensitivity and login error messages Link to this post

    1. I would not try to change that, because these type of security parts of the SS CMS you should not tinker with as they will definitely cause more hassle than anything

    2. I have the same problem on 2.4.7

Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.