[[wiki:tips:resetpassword]]
 
Trace: » resetpassword
Translations of this page?:

Reset password for auth_plain

:!: Information on this page is deprecated.
The current development version offers this funcion natively. — Matthias Grimm 2005-11-22 19:11

I have trouble remembering my passwords so I extended auth_plain.php to be able to reset and re-send the new password to any user that remembers his Username, Full Name and email. If these are all matched, in the Registration form, then a new password is generated and mailed to the previously stored e-mail address. (Mabye preventing just anyone from changing someone else's password.)

I modified only the inc/auth_plain.php in dokuwiki-2004-11-10 version. First, I modified the auth_createUser function near line 53 with a comment and 59 with the rcsdiff below:

53a54,55

*
* if all credentials match, just installs new password and returns it.

59c61,70 < if(isset($users[$user])) return false; —

if(isset($users[$user])) {
if user credentials match, then just update password > if($users[$user][“name”] == $name && $users[$user][“mail”] == $mail) { > generate and insert new password in users.auth
$pass=auth_newPassword($user);
return $pass;
}else{
return false;
}
}

Next, I added the function auth_newPassword to the end of the file as below.

Apologies to some, as I didn't modify the lang.php for the new error messages.

/** * used by the plaintext auth functions * generates a new password and replaces it in the user.auth file * returns pass so auth_createUser can return it for mail passwd */ function auth_newPassword($user){ $fh = fopen('conf/tmp_users.auth','w'); if($fh){ 

$lines = file('conf/users.auth');
foreach($lines as $line){
    if(preg_match("/^$user:/",$line)){
         $tmp=explode(":",$line);
         $pass = auth_pwgen();
         $tmp[1]=md5($pass);
         $line=implode(":",$tmp);
        }
    fwrite($fh,$line);
  }
fclose($fh);
if (rename('conf/tmp_users.auth','conf/users.auth')){
    return $pass;
  }else{
    //msg($lang['regmissing'],-1);
    msg("Could not rename tmp file to user.auth",-1);
    return false;
  }
}else{
  //msg($lang['regmissing'],-1);
  msg("Could not open 'conf/tmp_users.auth' for passwd update",-1);
  return false;
}

}

Larry Littlefield 15.11.2004 03:29

Some little addition: Allow the user to set a password he likes (all line numbers valid for version 2004-11-10):

1) add the following line after line 240 of inc/auth.php: 

 new:      $_POST['password'] = trim(str_replace(':','',$_POST['password']));

2) add the following line after line 245 of inc/auth.php: 

 new:      empty($_POST['password']) ||
...
//clean username
$_POST['login'] = preg_replace('/.*:/','',$_POST['login']);
$_POST['login'] = cleanID($_POST['login']);
$_POST['password'] = trim(str_replace(':','',$_POST['password']));
//clean fullname and email
$_POST['fullname'] = trim(str_replace(':','',$_POST['fullname']));
$_POST['email']    = trim(str_replace(':','',$_POST['email']));
if( empty($_POST['login']) ||
    empty($_POST['password']) ||
    empty($_POST['fullname']) ||
    empty($_POST['email']) ){
  msg($lang['regmissing'],-1);
  return false;
}
...

3) change the line 259 of inc/auth.php: 

 new:      $pass = auth_createUser($_POST['login'],$_POST['password'],$_POST['fullname'],$_POST['email']);
 original: $pass = auth_createUser($_POST['login'],$_POST['fullname'],$_POST['email']);

4) comment out line 61 of inc/auth_plain.php: (by Rongjun Mu) 

 new:      //$pass = auth_pwgen();
 original:   $pass = auth_pwgen();

5) change line 55 of inc/auth_plain.php: 

 new:      function auth_createUser($user,$pass,$name,$mail){
 original: function auth_createUser($user,$name,$mail){

6) add the following lines after line 759 of inc/html.php: 

 new:      <label>
             <?=$lang['pass']?>
             <input type="password" name="password" class="edit" size="50" value="<?=formText($_POST['password'])?>" />
           </label><br />
  ...
  <label>
    <?=$lang['user']?>
    <input type="text" name="login" class="edit" size="50" value="<?=formText($_POST['login'])?>" />
  </label><br />
  <label>
    <?=$lang['pass']?>
    <input type="password" name="password" class="edit" size="50" value="<?=formText($_POST['password'])?>" />
  </label><br />
  <label>
    <?=$lang['fullname']?>
    <input type="text" name="fullname" class="edit" size="50" value="<?=formText($_POST['fullname'])?>" />
  </label><br />
  ...

If the user himself has chosen his password it is not necessary to send the password via email. So you may want to change line 222 of inc/auth.php: 

 new:      return true;
 original: return @mail($users[$user]['mail'],$lang['regpwmail'],$text);

Don't forget the register.txt and $lang['regsuccess'] in the lang.php ;-). J. Siekmeyer, 15nov04.

I think J. Siekmeyer missed a point here. comment out line 62 in inc/auth_plain.php: (by Rongjun Mu)

Thx to Rongjun Mu for adding step 4). This was my first one and I showed every needed change else to make this one work - but not THE ONE it all was about. Took the chance to renumber the steps which were suffering from too much reordering. J. Siekmeyer, 24Nov04

 
wiki/tips/resetpassword.txt · Last modified: 2006/11/13 14:48 by andi
 
Imprint Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki
WikiForumIRCBugsTranslate