Forums / Developer / Allow Admin to view user passwords

Allow Admin to view user passwords

Author Message

Fabricio Guerrero

Wednesday 15 February 2006 5:46:17 am

Hi,

Due to a final request from a client so finally send a site live he's asked to allow admin to be able to view the users passwords...

what would you guys consider the best way going about this?? i really don't know too much about the admin templates due to i've never really had to do any custom work in this part of an eZ site..

any clues or suggestions higlhly appreciated.

Fabricio.

http://www.solobromasychistes.com <<Joomla Site :P
http://www.recipesforhealthyfood.com/ <<Drupal Site :P
http://www.ezforge.com/ <<future ezCommunity, Articles, forums and more...

Thomas Nunninger

Wednesday 15 February 2006 6:06:31 am

Hi,

I can't imagine <b>any</b> case where someone else than the user himself should know the password.

By the way: the password is encrypted/hashed in the database - so there is no way to look at it. You'd need to change the user account datatype first - saving the password (additionally) in plain text. Later you can override / extend other templates (in the admin or normal site) to show this.

But at all - I wouldn't do that!

Have a nice day

Thomas

Fabricio Guerrero

Wednesday 15 February 2006 6:22:51 am

Ok,

thank you.

The reason being is that we're migrating their oldiste to a ezPublish site and it seems in their old system they are able to view users passwords.

Any how thankyou for your help.

Fabricio.

http://www.solobromasychistes.com <<Joomla Site :P
http://www.recipesforhealthyfood.com/ <<Drupal Site :P
http://www.ezforge.com/ <<future ezCommunity, Articles, forums and more...

Kristof Coomans

Wednesday 15 February 2006 11:05:51 pm

You can let eZ store the passwords in plain text by altering or adding these settings in <i>settings/override/site.ini.append</i>:

[UserSettings]
HashType=plaintext

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org