changeset 14166:2a050069f37b 13.0

mod_admin_shell: Don't echo password back to the client Unintentional debugging introduced in 0e9e3efa381f
author Matthew Wild <mwild1@gmail.com>
date Tue, 19 May 2026 19:24:53 +0100
parents 0c81b8fede94
children f149652cb5ff
files plugins/mod_admin_shell.lua
diffstat 1 files changed, 0 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_admin_shell.lua	Tue May 19 19:22:38 2026 +0100
+++ b/plugins/mod_admin_shell.lua	Tue May 19 19:24:53 2026 +0100
@@ -1880,9 +1880,6 @@
 			return promise.reject("Unacceptable password");
 		end
 
-		self.session.print(("PW: %q"):format(raw_password));
-		self.session.print(("PW2: %q"):format(prepped_password));
-
 		local ok, err = um.create_user_with_role(username, prepped_password, host, role);
 		if not ok then
 			return promise.reject("Could not create user: "..err);
@@ -1954,9 +1951,6 @@
 			return promise.reject("Unacceptable password");
 		end
 
-		self.session.print(("PW: %q"):format(raw_password));
-		self.session.print(("PW2: %q"):format(prepped_password));
-
 		local ok, err = um.set_password(username, prepped_password, host, nil);
 		if ok then
 			return "User password changed";