[TYPO3] Encrypted FE User Password
Justin
jvanoel at live.nl
Fri Sep 5 09:47:30 CEST 2008
Pascal, thanks for your reaction.
I just downloaded kb_md5fepw but not yet installed it.
But when iam doing that change to the code like you said, is it possible for
the backend users to see the password of the FE users?
Because I want that BE users can't read the passwords..
Thanks again!
>Justin,
>I ran into these 'you are too advanced' messages this week, both TYPO 4.1.7
>and
>php 5.2 and 5.0.
>I just ignored them as I was installing on a development environment and
>could
>try it out.
>So far: no problems and everything works fine: sr_feuser_register,
>newloginbox.
>If you do have the opportunity to test: just go ahead and install!
>Please note that if you install kb_md5fepw, your BE users cannot change de
>fe
>users anymore without automtically changing the password.
>What I think happens: if you save the feuser record in the BE, the
>asterisks
>shown for the password will be md5-encrypted and then send over so the user
>gets
>a new password.
>To solve this, edit the ext_tables.php file _after_ uploading the ext but
>_before_ installing it. Change the line
>$TCA['fe_users']['columns']['password']['config']['eval'] .=
>',md5,password';
>into
>$TCA['fe_users']['columns']['password']['config']['eval'] .= ',md5';
>and then install.
>The md5 encrypted password is now not hidden anymore and editors can change
>the
>user's details and password.
>Hmmm, perhaps it should try and report this to get this handy ext
>up-to-date.....
>Pascal
More information about the TYPO3-english
mailing list