I am using 2.9.11 too and I have no problems (tested 2 minutes ago). Regards, Martin
2014-09-30 10:40 GMT+02:00 Eric <e.christiaa...@gmail.com>: > Hi, > > Since version 2.9.11 of Web2Py this piece of code can be found in tools.py: > > if self.settings.prevent_password_reset_attacks: > key = request.vars.key > if not key and len(request.args)>1: > key = request.args[-1] > if key: > session._reset_password_key = key > redirect(self.url(args='reset_password')) > else: > key = session._reset_password_key > > Why does this: > if not key and len(request.args)>1: > > Needs to be bigger than 1? Why not 0? > > We used this url to reset passwords: > > http://127.0.0.1:8000/choose-new-password/1404975130-6f97a238-a47c-4ed2-b84a-e2837a1c1fbe > > This breaks at the moment, now we need to call an url like this: > > http://127.0.0.1:8000/choose-new-password/dummy/1404975130-6f97a238-a47c-4ed2-b84a-e2837a1c1fbe > > To get enough args :( > > choose-new-password() is located in the default.py and default.py is set > as the default controller in routes.py like this: > default_controller = 'default' > > It feeld like >1 is a mistake / bug and it should be >0. In case this is > done by design, be will add the 'dummy' argument to the url :) > > > -- > Resources: > - http://web2py.com > - http://web2py.com/book (Documentation) > - http://github.com/web2py/web2py (Source code) > - https://code.google.com/p/web2py/issues/list (Report Issues) > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/d/optout. > -- Resources: - http://web2py.com - http://web2py.com/book (Documentation) - http://github.com/web2py/web2py (Source code) - https://code.google.com/p/web2py/issues/list (Report Issues) --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
