CMS MADE SIMPLE FORGE

Self Registration

 
Back Back to List

[#6474] Self reg failing because password not md5

avatar
Created By: Steve O'Shaughnessy (sjo123)
Date Submitted: Thu May 12 15:40:08 -0400 2011

Assigned To: Robert Campbell (calguy1000)
Version: 1.6.9
CMSMS Version: None
Severity: Major
Resolution: Works For Me
State: Closed
Summary:
Self reg failing because password not md5
Detailed Description:
I have users registering then automatically logging in, but the process is
failing because the password is not being encrypted in the database

in action.reguser.php

// it appears we're allowing instant registration
$result = $this->_CreateFrontendUser( $tmpuid, $params['group_id'], $username,
$password, $expires, FALSE ); // do not do md5 stuff.

changed to:

// it appears we're allowing instant registration
$result = $this->_CreateFrontendUser( $tmpuid, $params['group_id'], $username,
md5($password), $expires, FALSE );

FEU is 1:12:13


History

Comments
avatar 
Date: 2011-06-28 04:39
Posted By: simone marchi (magoafono)

I've this problem too, but your suggestion doesn't work.
I've done further investigation and I've found the problem.
In action.verifyuser.php you have to change this line:

if( md5($password) != $tmpuser['passsword'] )

with these three lines:

$feu = cms_utils::get_module('FrontEndUsers');
$salt = $feu->GetPreference('pwsalt');
if( md5($password.$salt) != $tmpuser['passsword'] )

ciao simone
avatar 
Date: 2011-07-03 22:35
Posted By: Robert Campbell (calguy1000)

I just tested this... works fine here.
Updates

Updated: 2012-03-31 15:33
cmsms_version_id: => -1
state: Open => Closed

Updated: 2011-07-03 22:35
resolution_id: 5 => 11

Updated: 2011-05-12 15:43
description: I have users registering then automatically logging in, but the process is failing because the password is not being encrypted in the database in action.reguser.php // it appears we're allowing instant registration $result = $this->_CreateFrontendU => I have users registering then automatically logging in, but the process is failing because the password is not being encrypted in the database in action.reguser.php // it appears we're allowing instant registration $result = $this->_CreateFrontendU
version_id: -1 => 29001
resolution_id: => 5