[Typo3] FE user password stored in cleartext ?
Mathias Schreiber [wmdb>]
mathias.schreiber at wmdb.de
Thu Jul 14 13:26:43 CEST 2005
Michael Stucki wrote:
> I agree the fe_user password should not be clear-text, regardless of how
> much work this means.
Maybe you got my post wrong.
It was meant to be a listing of what would be to do, no "look, too much
work, don't wanna do it" :)
> However this will break existing sites so we have to clearly think about a
> proper solution.
Why that?
Simply make it a TYPO3_CONF_VARS value or implement it as PageTSConfig.
This way it is switchable.
> Is this submitted to the bugtracker already?
Not from my side, since I don't need the functionality right now.
I mean: it would be easy to implement via TYPO3_CONF_VARS since I can
access them at any point.
But to make the TCA act accordingly is something I have no time to dive
into right now.
Maybe someone else can do this?
--
if ($GLOBALS['TSFE']->fe_user->user['ahnung'] == 0) {
$this->fresseHalten = 1;
}
More information about the TYPO3-english
mailing list