Various password logic fixes on client and server-side

Fixes #6399 Fixes #6400
2026-06-20 17:01:06 +02:00 · 2018-03-26 12:55:15 -04:00
parent 5c8bf3ce95
commit 0158b1aa91
6 changed files with 18 additions and 7 deletions
--- a/public/src/client/reset_code.js
+++ b/public/src/client/reset_code.js
@@ -15,6 +15,8 @@ define('forum/reset_code', ['zxcvbn'], function (zxcvbn) {
 			var strength = zxcvbn(password.val());
 			if (password.val().length < ajaxify.data.minimumPasswordLength) {
 				app.alertError('[[reset_password:password_too_short]]');
+			} else if (password.val().length > 512) {
+				app.alertError('[[error:password-too-long]]');
 			} else if (password.val() !== repeat.val()) {
 				app.alertError('[[reset_password:passwords_do_not_match]]');
 			} else if (strength.score < ajaxify.data.minimumPasswordStrength) {