glpi-project
GLPI 11 password reset
Code of Conduct
- [x] I agree to follow this project's Code of Conduct
Is there an existing issue for this?
- [x] I have searched the existing issues
Version
GLPI 11
Bug description
After creating a new user if you change the password a password 'pupup' is shown. The popup does not have a ' submit' button. If the alter password is confirmed by pressing enter various depr errors are shown and a type error (passing null instead of string).
I expect the error is caused only after initial creation of the user (when there is no history)
Relevant log output
PasswordHistory::updatePasswordHistory(): Argument #2 ($password) must be of type string, null given, called in ./src/User.php on line 1360
In ./src/PasswordHistory.php(126)
#0 ./src/User.php(1360): PasswordHistory->updatePasswordHistory()
#1 ./src/CommonDBTM.php(1833): User->post_updateItem()
#2 ./front/user.form.php(140): CommonDBTM->update()
#3 ./src/Glpi/Controller/LegacyFileLoadController.php(59): require('...')
#4 ./vendor/symfony/http-kernel/HttpKernel.php(101): Glpi\Controller\LegacyFileLoadController->{closure:Glpi\Controller\LegacyFileLoadController::__invoke():58}()
#5 ./vendor/symfony/http-foundation/StreamedResponse.php(106): Symfony\Component\HttpKernel\HttpKernel::{closure:Symfony\Component\HttpKernel\HttpKernel::handle():98}()
#6 ./vendor/symfony/http-foundation/Response.php(423): Symfony\Component\HttpFoundation\StreamedResponse->sendContent()
#7 ./src/Glpi/Kernel/Kernel.php(234): Symfony\Component\HttpFoundation\Response->send()
#8 ./public/index.php(60): Glpi\Kernel\Kernel->sendResponse()
#9 {main}
Page URL
https://mydomain/glpi11/public/front/user.form.php
Steps To reproduce
Just change the password. also test known errors like password not the same, to short, etc.
Your GLPI setup information
GLPI information
GLPI: 11.0.0-dev (/glpi11/public => /var/www/html/glpi11) Installation mode: GIT Current language: nl_NL
Server
Operating system: Linux codeserver 6.8.0-57-generic #59-Ubuntu SMP PREEMPT_DYNAMIC Sat Mar 15 17:40:59 UTC 2025 x86_64PHP: 8.4.5 fpm-fcgi
PHP extensions: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, random, Reflection, SPL, session, standard, sodium, cgi-fcgi, mysqlnd, PDO, xml, bcmath, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, iconv, intl, ldap, exif, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, Zend OPcache, xdebug
Setup: max_execution_time="30" memory_limit="128M" post_max_size="8M" safe_mode="" session.save_handler="files" upload_max_filesize="2M" disable_functions=""
Web server: Apache/2.4.58 (Ubuntu) (Apache/2.4.58 (Ubuntu) Server at 192.168.1.98 Port 80)
User agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Database:
Server Software: (Ubuntu)
Server Version: 8.0.41-0ubuntu0.24.04.1
Server SQL Mode: STRICT_TRANS_TABLES,NO_ZERO_IN_DATE,NO_ZERO_DATE,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION
Parameters: [email protected]/glpi11_testdb
Host info: 127.0.0.1 via TCP/IP
Requirements: PHP version (8.4.5) is supported. OS and PHP are relying on 64 bits integers. Sessions configuration is OK. Allocated memory is sufficient. Following extensions are installed: dom, fileinfo, filter, libxml, json, simplexml, xmlreader, xmlwriter. mysqli extension is installed. curl extension is installed. gd extension is installed. intl extension is installed. mbstring extension is installed. zlib extension is installed. bcmath extension is installed. The constant SODIUM_CRYPTO_AEAD_XCHACHA20POLY1305_IETF_NPUBBYTES is present. openssl extension is installed. Database engine version (8.0.41) is supported. No files from previous GLPI version detected. The log file has been created successfully. Write access to /var/www/html/glpi11/files/_cache has been validated. Write access to /var/www/html/glpi11/files/_cron has been validated. Write access to /var/www/html/glpi11/files has been validated. Write access to /var/www/html/glpi11/files/_graphs has been validated. Write access to /var/www/html/glpi11/files/_lock has been validated. Write access to /var/www/html/glpi11/files/_pictures has been validated. Write access to /var/www/html/glpi11/files/_plugins has been validated. Write access to /var/www/html/glpi11/files/_rss has been validated. Write access to /var/www/html/glpi11/files/_sessions has been validated. Write access to /var/www/html/glpi11/files/_tmp has been validated. Write access to /var/www/html/glpi11/files/_uploads has been validated.
Sessions configuration is secured. exif extension is installed. ldap extension is installed. openssl extension is installed. Following extensions are installed: bz2, Phar, zip. Zend OPcache extension is installed. Following extensions are installed: ctype, iconv, sodium. Write access to /var/www/html/glpi11/marketplace has been validated. Access to timezone database (mysql) is not allowed.
GLPI constants
GLPI_ENVIRONMENT_TYPE: "development" GLPI_ROOT: "/var/www/html/glpi11" GLPI_VERSION: "11.0.0-dev" GLPI_SCHEMA_VERSION: "11.0.0-dev@a53ca92172d538281e6c5a1754f3bc0d0f49a07c" GLPI_MIN_PHP: "8.2" GLPI_MAX_PHP: "8.4" GLPI_YEAR: "2025" GLPI_I18N_DIR: "/var/www/html/glpi11/locales" GLPI_CONFIG_DIR: "/var/www/html/glpi11/config" GLPI_VAR_DIR: "/var/www/html/glpi11/files" GLPI_MARKETPLACE_DIR: "/var/www/html/glpi11/marketplace" GLPI_ALLOW_IFRAME_IN_RICH_TEXT: false GLPI_SERVERSIDE_URL_ALLOWLIST: ["#^http://[^@:]+(:80)?(/.)?$#","#^https://[^@:]+(:443)?(/.)?$#","#^feed://[^@:]+(/.)?$#"] GLPI_DISALLOWED_UPLOADS_PATTERN: "/\.(php\d|phar)$/i" GLPI_TELEMETRY_URI: "https://telemetry.glpi-project.org" GLPI_INSTALL_MODE: "GIT" GLPI_NETWORK_MAIL: "[email protected]" GLPI_NETWORK_SERVICES: "https://services.glpi-network.com" GLPI_MARKETPLACE_ENABLE: 3 GLPI_MARKETPLACE_PRERELEASES: true GLPI_MARKETPLACE_ALLOW_OVERRIDE: true GLPI_MARKETPLACE_MANUAL_DOWNLOADS: true GLPI_USER_AGENT_EXTRA_COMMENTS: "" GLPI_DOCUMENTATION_ROOT_URL: "https://links.glpi-project.org" GLPI_DISABLE_ONLY_FULL_GROUP_BY_SQL_MODE: "1" GLPI_AJAX_DASHBOARD: "1" GLPI_CALDAV_IMPORT_STATE: 0 GLPI_CENTRAL_WARNINGS: "1" GLPI_TEXT_MAXSIZE: "4000" GLPI_WEBHOOK_ALLOW_RESPONSE_SAVING: "1" GLPI_DOC_DIR: "/var/www/html/glpi11/files" GLPI_CACHE_DIR: "/var/www/html/glpi11/files/_cache" GLPI_CRON_DIR: "/var/www/html/glpi11/files/_cron" GLPI_GRAPH_DIR: "/var/www/html/glpi11/files/_graphs" GLPI_LOCAL_I18N_DIR: "/var/www/html/glpi11/files/_locales" GLPI_LOCK_DIR: "/var/www/html/glpi11/files/_lock" GLPI_LOG_DIR: "/var/www/html/glpi11/files/_log" GLPI_PICTURE_DIR: "/var/www/html/glpi11/files/_pictures" GLPI_PLUGIN_DOC_DIR: "/var/www/html/glpi11/files/_plugins" GLPI_RSS_DIR: "/var/www/html/glpi11/files/_rss" GLPI_SESSION_DIR: "/var/www/html/glpi11/files/_sessions" GLPI_TMP_DIR: "/var/www/html/glpi11/files/_tmp" GLPI_UPLOAD_DIR: "/var/www/html/glpi11/files/_uploads" GLPI_INVENTORY_DIR: "/var/www/html/glpi11/files/_inventories" GLPI_THEMES_DIR: "/var/www/html/glpi11/files/_themes" GLPI_NETWORK_REGISTRATION_API_URL: "https://services.glpi-network.com/api/registration/" GLPI_MARKETPLACE_PLUGINS_API_URI: "https://services.glpi-network.com/api/marketplace/"
Libraries
symfony/mailer not found simplepie/simplepie version 1.8.1 in /var/www/html/glpi11/vendor/simplepie/simplepie/src tecnickcom/tcpdf version 6.9.1 in /var/www/html/glpi11/vendor/tecnickcom/tcpdf tecnickcom/tc-lib-barcode version in /var/www/html/glpi11/vendor/tecnickcom/tc-lib-barcode/src sabre/dav version in /var/www/html/glpi11/vendor/sabre/dav/lib/DAV sabre/http version in /var/www/html/glpi11/vendor/sabre/http/lib sabre/uri version in /var/www/html/glpi11/vendor/sabre/uri/lib sabre/vobject version in /var/www/html/glpi11/vendor/sabre/vobject/lib laminas/laminas-i18n version in /var/www/html/glpi11/vendor/laminas/laminas-i18n/src monolog/monolog version in /var/www/html/glpi11/vendor/monolog/monolog/src/Monolog sebastian/diff version in /var/www/html/glpi11/vendor/sebastian/diff/src donatj/phpuseragentparser version in /var/www/html/glpi11/vendor/donatj/phpuseragentparser/src/UserAgent elvanto/litemoji version in /var/www/html/glpi11/vendor/elvanto/litemoji/src gettext/languages version in /var/www/html/glpi11/vendor/gettext/languages/src symfony/console version in /var/www/html/glpi11/vendor/symfony/console symfony/config version in /var/www/html/glpi11/vendor/symfony/config/Loader symfony/dependency-injection version in /var/www/html/glpi11/vendor/symfony/dependency-injection symfony/event-dispatcher version in /var/www/html/glpi11/vendor/symfony/event-dispatcher symfony/filesystem version in /var/www/html/glpi11/vendor/symfony/filesystem symfony/framework-bundle version in /var/www/html/glpi11/vendor/symfony/framework-bundle symfony/http-foundation version in /var/www/html/glpi11/vendor/symfony/http-foundation symfony/http-kernel version in /var/www/html/glpi11/vendor/symfony/http-kernel symfony/routing version in /var/www/html/glpi11/vendor/symfony/routing scssphp/scssphp version in /var/www/html/glpi11/vendor/scssphp/scssphp/src laminas/laminas-mail version in /var/www/html/glpi11/vendor/laminas/laminas-mail/src/Protocol laminas/laminas-mime version in /var/www/html/glpi11/vendor/laminas/laminas-mime/src rlanvin/php-rrule version in /var/www/html/glpi11/vendor/rlanvin/php-rrule/src ramsey/uuid version in /var/www/html/glpi11/vendor/ramsey/uuid/src phpoffice/phpspreadsheet version in /var/www/html/glpi11/vendor/phpoffice/phpspreadsheet/src/PhpSpreadsheet psr/log version in /var/www/html/glpi11/vendor/psr/log/src psr/simple-cache version in /var/www/html/glpi11/vendor/psr/simple-cache/src psr/cache version in /var/www/html/glpi11/vendor/psr/cache/src psr/container version in /var/www/html/glpi11/vendor/psr/container/src league/csv version in /var/www/html/glpi11/vendor/league/csv/src mexitek/phpcolors version in /var/www/html/glpi11/vendor/mexitek/phpcolors/src/Mexitek/PHPColors guzzlehttp/guzzle version in /var/www/html/glpi11/vendor/guzzlehttp/guzzle/src guzzlehttp/psr7 version in /var/www/html/glpi11/vendor/guzzlehttp/psr7/src glpi-project/inventory_format version in /var/www/html/glpi11/vendor/glpi-project/inventory_format/lib/php wapmorgan/unified-archive version in /var/www/html/glpi11/vendor/wapmorgan/unified-archive/src paragonie/sodium_compat version in /var/www/html/glpi11/vendor/paragonie/sodium_compat/src symfony/cache version in /var/www/html/glpi11/vendor/symfony/cache html2text/html2text version in /var/www/html/glpi11/vendor/html2text/html2text/src symfony/css-selector version in /var/www/html/glpi11/vendor/symfony/css-selector symfony/dom-crawler version in /var/www/html/glpi11/vendor/symfony/dom-crawler twig/twig version in /var/www/html/glpi11/vendor/twig/twig/src twig/string-extra version in /var/www/html/glpi11/vendor/twig/string-extra symfony/polyfill-ctype not found symfony/polyfill-iconv not found symfony/polyfill-mbstring not found symfony/polyfill-php83 not found league/oauth2-client version in /var/www/html/glpi11/vendor/league/oauth2-client/src/Provider league/oauth2-google version in /var/www/html/glpi11/vendor/league/oauth2-google/src/Provider thenetworg/oauth2-azure version in /var/www/html/glpi11/vendor/thenetworg/oauth2-azure/src/Provider league/commonmark version in /var/www/html/glpi11/vendor/league/commonmark/src/Extension/CommonMark egulias/email-validator version in /var/www/html/glpi11/vendor/egulias/email-validator/src symfony/mime not found apereo/phpcas version in /var/www/html/glpi11/vendor/apereo/phpcas/source bacon/bacon-qr-code version in /var/www/html/glpi11/vendor/bacon/bacon-qr-code/src robthree/twofactorauth version in /var/www/html/glpi11/vendor/robthree/twofactorauth/lib ralouphie/getallheaders not found symfony/html-sanitizer version in /var/www/html/glpi11/vendor/symfony/html-sanitizer league/oauth2-server version in /var/www/html/glpi11/vendor/league/oauth2-server/src league/html-to-markdown version in /var/www/html/glpi11/vendor/league/html-to-markdown/src twig/markdown-extra version in /var/www/html/glpi11/vendor/twig/markdown-extra webonyx/graphql-php version in /var/www/html/glpi11/vendor/webonyx/graphql-php/src phpdocumentor/reflection-docblock version in /var/www/html/glpi11/vendor/phpdocumentor/reflection-docblock/src symfony/property-access version in /var/www/html/glpi11/vendor/symfony/property-access symfony/serializer version in /var/www/html/glpi11/vendor/symfony/serializer symfony/property-info version in /var/www/html/glpi11/vendor/symfony/property-info symfony/error-handler version in /var/www/html/glpi11/vendor/symfony/error-handler
SQL replicas
Not active
Notifications
Way of sending emails: PHP
Plugins list
samlsso Name: samlSSO Version: 1.2.00 State: Ingeschakeld
Install Method: Manual
Anything else?
No response
After creating a new user if you change the password a password 'pupup' is shown. The popup does not have a ' submit' button.
This is normal. The UI was cleaned up in #19123 and the mess of password fields was moved to a modal. There is no submit button here because you aren't submitting the password change separately from the user form. When you close the modal, you would see a message below the "Change password" button stating the change is pending.
If the alter password is confirmed by pressing enter
Pressing enter in these fields shouldn't submit the form. That is a bug.
That doesnt feel like intuitive form design. The button "change password" (for me) suggests its a separate process. This suggestion is enforced with the pop-out.
Feel free to offer an alternative that keeps us from returning to the messy user form we had in previous versions. My next suggestion was going to be to completely remove the ability to change the password in the form and replace it with a Massive Action which can only be seen and used from the Actions dropdown in the user form, but this seemed complicated to adapt the massive action feature for at the time.
Does the ui framwork offer say accordeon elements. In which case i would suggest to hide all non regular form elements in a hidden advanced section and offer a fold/unfold option(s) to access them. This allows you to keep the logic simple and the forms clean.