[TYPO3-core] RFC: #10017: [felogin] New Method for "forgotPassword"
Dmitry Dulepov
dmitry at typo3.org
Fri Dec 26 15:39:18 CET 2008
Hi!
Steffen Kamper wrote:
> Branches: trunk
Why there is a patch for 4.2.3?
> The old method has a few issues that makes it possible to annoy other
> users, a new password is generated if you enter a valid email address.
>
> The new method doesn't allow this and has advantages:
> * enter username or email
> * send email with a link which is valid only for a cinfigured time
> * by clicking the link you can enter a new password in a new form
>
> This method supports md5 and salt (if the extensions are installed).
> It's improved as typo3.org use this patch for some time now.
There are too many formatting changes in the patch. Impossible to quickly see what is changed in the logic. Please, see one of the lastest Stucki requests about separating formatting changes from the rest. He got a point...
--
Dmitry Dulepov
TYPO3 core team
In the blog: http://typo3bloke.net/post-details/how_will_i_fix_bugs_in_extensions_from_now_on/
My TYPO3 book: http://www.packtpub.com/typo3-extension-development/book
More information about the TYPO3-team-core
mailing list