View Issue Details

IDProjectCategoryView StatusLast Update
0005194OXID eShop (all versions)1.05. Userspublic2015-03-09 11:53
Status closedResolutionsuspended 
Product Version 
Target VersionFixed in Version 
Summary0005194: User get wrong message if he is not active
DescriptionUser get message same when he is not active and same when password or login name entered not correctly. This is wrong, shop need to announce differently if user is not active or password is wrong. As user might try lot of time to change password to correct and do not realize that he is inactive.
Steps To ReproduceCreate account.
Go to admin.
Disable new account.
Try to login with new account.
TagsNo tags attached.
PHP Versionany
MySQL Versionany


related to 0006026 acknowledged Valide email-address is recognized as invalide if wrong password typed in 



2013-06-18 15:31

reporter   ~0008783

I would suggest just to show that the user-password-combination is not right, may reduce password-attacks on specific accounts.

Some things i would find nice to see:
- user-password-combination wrong
- account disabled
- not confirmed (does the shop provide any optin-mechanism to confirm user-accounts yet?)


2015-03-09 11:53

administrator   ~0010767

moved to backlog