Gossamer Forum
(Advanced Search)
for
Home : Products : DBMan : Installation :

Allowing users to change their passwords / HELP

Feb 18, 1999, 3:34 AM
Germinator
User (52 posts)
Feb 18, 1999, 3:34 AM
Post #1 of 3
Views: 2029
Shortcut
Quote Reply
Allowing users to change their passwords / HELP
Hello DBman gurus !

I searched the 'password' string in messages issued since one year, but unfortunately no one among the 3 returned was addressing my concern.

So here is: I must allow the users to update their passwords with the Add / Modify form is displayed. Has someone already implemented this feature ? And how ?

In my case, each userid is unique and having the administrator do these frequent changes through email requests is inconvenient. The password field should be accessible in the form at the same time as the other fields pertaining to a user record and it should display by default the current uncrypted password.

Thanks in advance for any help and suggestion.

Cheers,
Germinator

PS: With this question I hope to keep the momentum in this very active and useful forum, the best I've found so far. This is due for a major part to the quality of the information discussed here and the gentle JPDeni and Alex (and others too !) willingly answering many questions, sometimes dumb or redundant, but always in a corteous manner.

At the end, these attitudes, added to the great scripts provided, make this site a very successful one. Many thanks to all.
Feb 18, 1999, 10:36 AM
JPDeni
Veteran / Moderator (8669 posts)
Feb 18, 1999, 10:36 AM
Post #2 of 3
Views: 1926
Shortcut
Quote Reply
Re: Allowing users to change their passwords / HELP In reply to
What a nice guy! You brought a tear to my eye! :')

Now to your question. Is there a way? There's almost always a way. But this one would take some doing. (I'm writing this off the top of my head, so it may be a bit disjointed.)

You would need to have a field in your db to include the non-encrypted password (obviously). This would mean that you would have to either take out the encryption scheme in auth.pl and sub admin_display (in db.cgi) so you could pull it out, or that you would have to create the user's record at the time the user first signs up for a password.

If you took out the encryption, you could pull the password from the .pass file when the user creates the record and then write to the .pass file when a record is modified.

If you create the record at the time of signup, you users wouldn't actually ever "add" a record at all. When they wanted to add their information, they would use the "modify" form to fill in all the missing information. Again, though, when they modified a record, you would have to write to the password file.

The writing to the password file would be a little tricky. You'd have to watch to be sure the users permissions were maintained. It's not realy that hard I don't think, but you'd just have to watch what you are doing.

Although I hadn't thought about it before, this is something I might want to use in an implementation of DBMan I'm contemplating. Please keep us informed about your progress.


------------------
JPD
Feb 18, 1999, 10:37 AM
JPDeni
Veteran / Moderator (8669 posts)
Feb 18, 1999, 10:37 AM
Post #3 of 3
Views: 1918
Shortcut
Quote Reply
Re: Allowing users to change their passwords / HELP In reply to
Oops!

[This message has been edited by JPDeni (edited February 18, 1999).]