The password must be at least 5 characters in length

[hpno]

I am migrating an account from a DirectAdmin server to another. But after choosing the new server and clicked Save button, Blesta shows error: The password must be at least 5 characters in length

Which password then? Both servers have long passwords. That user has a long password.

Advice, please?

[Paul]

direct_admin.php defines a minLength of 5 for the direct_admin_password. Search ~/components/modules/direct_admin/direct_admin.php for "minLength", and you'll see a value of 5. You could try decreasing this temporarily to say 1 and see if that allows you to change the server. When finished, I'd suggest changing the value back.

[hpno]

So, is that for the server admin password? As I mentioned, both servers have long passwords already.

[Paul]

Yes that's correct. Are these long passwords stored in Blesta, or only on DA's side? Blesta is checking the password length as it is stored locally.

[hpno]

Changing 5 to 1 doesn't help. Still the same error. And yes, both passwords are stored in Blesta. The fact is those passwords are quite complex, such as W#JHD%hvF*8r6c.

 

[Paul]

Try changing it to 0. The error message will be the same regardless of the minLength, but this is the only location within the directadmin module that sets a requirement of 5.. so this must be it. Otherwise, it's your DA server returning the error, but I doubt it. (You could confirm by checking the module log Tools > Logs > Module Log)

When you edit the service, do you see the password asterisked out in the password field? ************ If this field is empty, it explains the error.

[hpno]

No, module log doesn't record anything when I clicked Save button in changing server.

And for editing service, do you mean that editing customer's service in customer page? Under Manage link? Then the password is shown as normal-readable text, not marked with *********

[Jono]

I'm assuming this occurs occurs on the admin/clients/editservice/ page.  The error is based on the password entered in that form.   Likely you will want to keep the same password, which should be auto-populated into the field, in plain text as you said.  This password should also be shown under the expanded row in the client services widget.   If you remove the value from this password field then you will get an error.  Are you removing that value?

[domaingood]

Hi I think the best way Linux typing the password as non-visible text.

Create Passwords:

• Password Length:
• Include Letters:
• Include Mixed Case:
• Include Numbers:
• Include Punctuation:
• No Similar characters:

[hpno]

2 hours ago, Jono said:

I'm assuming this occurs occurs on the admin/clients/editservice/ page.  The error is based on the password entered in that form.   Likely you will want to keep the same password, which should be auto-populated into the field, in plain text as you said.  This password should also be shown under the expanded row in the client services widget.   If you remove the value from this password field then you will get an error.  Are you removing that value?

No, I didn't remove anything. All I did was changing the servers, and clicking to Save button then the error appeared.

[Jono]

As long as that value is 5 characters or longer when you submit the form, the error should not occur.  Have you been able to recreate this since the first time?

[hpno]

6 hours ago, Jono said:

As long as that value is 5 characters or longer when you submit the form, the error should not occur.  Have you been able to recreate this since the first time?

Yes, since the first time I tried to change the server.

[Jono]

Hmm, well as I said, there shouldn't be any way for this to occur unless the value in that field is less than 5 characters long.  Let me know if this comes up again and I'll take another look.

[hpno]

1 hour ago, Jono said:

Hmm, well as I said, there shouldn't be any way for this to occur unless the value in that field is less than 5 characters long.  Let me know if this comes up again and I'll take another look.

See the attached file, unless we are talking about different places.

[Jono]

CORE-2458.  If you want to fix this in your code replace direct_admin.php lines 1267-1276

            'direct_admin_password' => [
                'format' => [
                    'rule' => ['matches', "/^[(\x20-\x7F)]*$/"], // ASCII 32-127
                    'message' => Language::_('DirectAdmin.!error.direct_admin_password.format', true)
                ],
                'length' => [
                    'rule' => ['minLength', 5],
                    'message' => Language::_('DirectAdmin.!error.direct_admin_password.length', true)
                ]
            ],

with

            'direct_admin_password' => [
                'format' => [
                    'if_set' => $edit,
                    'rule' => ['matches', "/^[(\x20-\x7F)]*$/"], // ASCII 32-127
                    'message' => Language::_('DirectAdmin.!error.direct_admin_password.format', true)
                ],
                'length' => [
                    'if_set' => $edit,
                    'rule' => ['minLength', 5],
                    'message' => Language::_('DirectAdmin.!error.direct_admin_password.length', true)
                ]
            ],

 

[hpno]

Now I can change the server. However, after changing server, the user password, as I showed above, disappeared. It's blank now.

[Jono]

21 hours ago, phamhung said:

Now I can change the server. However, after changing server, the user password, as I showed above, disappeared. It's blank now.

Right you are.  It looks like the change is only made locally.  It seems that if no password is given in the edit, it defaults to a blank value.  To fix this you can replace lines 1043-1049

        $params = [
            'username' => isset($service_fields->direct_admin_username)
                ? $service_fields->direct_admin_username
                : '',
            'passwd' => isset($vars['direct_admin_password']) ? $vars['direct_admin_password'] : '',
            'passwd2' => isset($vars['direct_admin_password']) ? $vars['direct_admin_password'] : '',
        ];

with

        $params = [
            'username' => isset($service_fields->direct_admin_username)
                ? $service_fields->direct_admin_username
                : '',
            'passwd' => isset($vars['direct_admin_password'])
                ? $vars['direct_admin_password']
                : (
                    isset($service_fields->direct_admin_password)
                        ? $service_fields->direct_admin_password
                        : ''
                ),
            'passwd2' => isset($vars['direct_admin_password'])
                ? $vars['direct_admin_password']
                : (
                    isset($service_fields->direct_admin_password)
                        ? $service_fields->direct_admin_password
                        : ''
        ]

Thereby causing it to maintain the current password by default.