The Joomla! Forum ™

Download

Demo


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Forum rules


Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Security Checklist
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.



Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Print view Previous topic | Next topic 
Author Message
PhilEvans
PostPosted: Sat Sep 08, 2007 3:15 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sat Sep 08, 2007 11:52 am
Posts: 5
(Almost) Newbie here, has anyone got any code that forces user to change password on first logon? I guess this would be similar to what happens when you request a password reset?
Top
 Profile  
 
jratunh21
PostPosted: Sat Sep 08, 2007 4:03 pm 
Joomla! Explorer
Joomla! Explorer

Joined: Thu Oct 12, 2006 10:55 pm
Posts: 345
Location: CT
with code, anything is possible.. i don't have the answer, but im sure the answer is out there.. if no one post code here, have you thought about google'n it ?? I'm sure if you tweak the php code, it might work, but i don't know if it would compromise security settings and such with joomla.. good luck, and i'll research the answer for you! 8)

_________________
" the boss of all bosses "
http://www.trakwriter.com

[JVulnerable extensions] http://help.joomla.org/component/option ... temid,268/
Top
 Profile  
 
PhilEvans
PostPosted: Sat Sep 08, 2007 5:26 pm 
Joomla! Apprentice
Joomla! Apprentice

Joined: Sat Sep 08, 2007 11:52 am
Posts: 5
Thanks for that!

I reckon without any change in DB structure then the code could check to see if lastvisitDate from the users table is equal to "0000-00-00 00:00:00" if so then it could force them into the user settings with a message to change password? The password reset code could also reset last visit to "0000-00-00 00:00:00" and force the same behaviour. Now where is the code? And can my limited php ability cope with making the change?  :laugh:
Top
 Profile  
 
mojito
PostPosted: Thu Aug 16, 2012 11:31 am 
User avatar
Joomla! Guru
Joomla! Guru

Joined: Wed Sep 07, 2005 10:18 pm
Posts: 593
Location: London
http://www.sourcecoast.com/forums/non-c ... rd-change/

it has issues that the form doesnt need to actually have anything written in the password change field - cant we empty the field - then it should validate and force the user to add two identical passwords ?

_________________
Check out the 'bad toilet' online !
Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 


Board index » Joomla! Older Version Support » Joomla! 1.0 » Security - 1.0.x

Who is online

Users browsing this forum: No registered users and 8 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  
Powered by phpBB® Forum Software © phpBB Group