Opened 8 years ago

Closed 8 years ago

#26599 closed Bug (worksforme)

Django Passsword Change Form giving wrong POST value for Old Password of Admin

Reported by: shikha-desai Owned by: nobody
Component: Template system Version: 1.8
Severity: Normal Keywords: Admin:Password Change Form
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

I have created a link to the Password Change Form using :

<a href="{% url 'admin:password_change' %}">{% trans 'Change password' %}</a>

The problem is : It works for all web users, but if I login as admin and then change the password, say if the original password is:'admin'...Now I change it to '1234', it works and I can login again.

But when I again go to change_password and try to change from '1234' to something else, it gives 'Incorrect Old Password'.

On debugging, I found that the POST request received has the old_password field value as 'admin' while I have typed '1234'.

When I tried to add another field on the html page and updated the old_password section as below:

<div class="form-group">
    <div class="control-label col-sm-2">
        {{ form.old_password.label_tag }}
    </div>
    <div class="controls col-sm-10">
        {% dab_field_rendering form.old_password %}
        {{ form.old_password }}
        {% if form.old_password.errors %}<span class="text-danger">{{ form.old_password.errors|striptags }}</span>{% endif %}
    </div>
</div>

It works perfectly fine and receives the correct request, but I can't ask user to enter the old password two times. There seems to be a problem with the code of change password.

Change History (1)

comment:1 by Tim Graham, 8 years ago

Resolution: worksforme
Status: newclosed

Please provide a test case for Django's test suite that demonstrates the problem (see the existing tests in tests/auth_tests/test_views.py) or very specific steps with the exact URLs and inputs for each step. Also be sure to disable any third-party apps to rule out a bug there.

Note: See TracTickets for help on using tickets.
Back to Top