View Issue Details

IDProjectCategoryView StatusLast Update
0007153OXID eShop (all versions)2.1. Master Settingspublic2020-07-02 08:51
Reporters.krenz 
PrioritylowSeveritytweakReproducibilityalways
Status acknowledgedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary0007153: Input field length for SMTP password is too small
DescriptionI had to configure a SMTP connection with a long password. After entering the password in OXID admin, I got an "Authentication failed" error.

After some investigation I found this issue:

I used the password "ThisIsALongPassword.TooLongForThisInputField,ButNotTooLongForTheDB." and entered into the "SMTP password" input field in OXID admin (Attachment 1). After clicking "Save" only "ThisIsALongPassword.TooLongForThisInputField,ButNo" was stored to the DB (Attachment 2).
I edited the HTML to see what is inside the input field and I found out it's already truncated (Attachment 3).

There are two different definitions of maximum field length for the SMTP password (and maybe for other fields too). In MySQL it is defined as "VARCHAR(128)", so it could be 128 characters long.
TagsNo tags attached.
ThemeNot defined
BrowserNot defined
PHP VersionNot defined
Database VersionNot defined

Activities

s.krenz

2020-06-30 14:02

reporter  

QA

2020-06-30 15:48

administrator   ~0013260

Last edited: 2020-07-02 08:51

View 6 revisions

The input field has the attribute maxlength="50", which cuts everything of after 50 characters. While typing, you may notice it, but even than it's a little tricky since it is showing only dots.

I see three possible workarounds:

1) Shorter password, obvious and easiest way.
2) Extend the admin_shop_main_leftform block in the shop_main.tpl with a module and change the maxlength attribute.
3) Add the password directly into the database, but be aware if you save again in the administration area. I don't recommend doing this.

Since 50 characters is usually enough and the restriction is on the form side, not in the database, I would not consider it a real bug. The bad thing is, that you're not getting notified about the maximum 50 characters. So I agree that some improvements should be done.

[sp]