[Typo3] FE user password stored in cleartext ?

Mathias Schreiber [wmdb>] mathias.schreiber at wmdb.de
Thu Jul 14 13:26:43 CEST 2005

Michael Stucki wrote:
> I agree the fe_user password should not be clear-text, regardless of how
> much work this means.

Maybe you got my post wrong.
It was meant to be a listing of what would be to do, no "look, too much 
work, don't wanna do it" :)

> However this will break existing sites so we have to clearly think about a
> proper solution.

Why that?
Simply make it a TYPO3_CONF_VARS value or implement it as PageTSConfig.
This way it is switchable.

> Is this submitted to the bugtracker already?

Not from my side, since I don't need the functionality right now.
I mean: it would be easy to implement via TYPO3_CONF_VARS since I can 
access them at any point.
But to make the TCA act accordingly is something I have no time to dive 
into right now.
Maybe someone else can do this?

if ($GLOBALS['TSFE']->fe_user->user['ahnung'] == 0) {
	$this->fresseHalten = 1;

More information about the TYPO3-english mailing list