Hello, \i'm trying the blesta to replace whmcs because of it's security bugs.
but now i found another bug. i'm using cpanel module to change account password either via admin or as client. when the changed has been made it show success. but i can't use new password to login to cpanel. the old password still there on cpanel.
After checking blesta log for unsuscces password change contain: {"passwd":[{"statusmsg":"Sorry, the password you selected cannot be used because it is too weak and would be too easy to guess. Please select a password with strength rating of 60 or higher.","services":null,"rawout":null,"status":0}]}
so i try with more complex password and voila the cpanel password has changed to the new one
and the log is: {"passwd":[{"statusmsg":"Password changed for user “xxxxx”.","services":[{"app":"system"},{"app":"ftp"},{"app":"mail"},{"app":"MySQL"},{"app":"postgresql"}],"rawout":"Password for “xxxxx” has been changed.\nUpdating FTP passwords for xxxxx\nFTP password files updated.\nFTP vhost passwords synced\n","status":1}]}
i think this must been fixed. if the cpanel password is not strength enough, blesta should not save the new password and tell that the action is success.
hope you guys can understand.
thank you..
