Currently, when your user forgot his/her password and reset the password from the Forgot Password link in the Login page of web applications that generated by PHPMaker 9, then the Date of the password change is not being saved into User Profile field of the users table. This is not a good condition since it will impact to the wrong calculation of Password Expiry Time when system force user to change his/her password. All right then, let's see the explanation in detail from the example below.
For example, the last time user A changed his password (using Change Password page) is on June 1, 2012. Meanwhile, the password expiry time of the web application has been setup to value of 5 days. So system will force this user to change the password in future on June 6, 2012 (1 + 5 = 6). Unfortunately, user A cannot login because he suddenly forgot his password again, and then he reset his password from Forgot Password link on June 4, 2012. So currently, the date of reset password of User A is not being saved into User Profile field of users table, thus the next time system force user A to change his password will be on June 6, 2012 instead of June 9, 2012.
By implementing the following customization, then system will update the Date of password change in User Profile field. So, from the example above, the next time system will force user A to change the password will be on June 9, 2012 (4 + 5 = 9), and this is the proper condition as we want. In other words, this customization is very useful if you want to implement the truly logic of password expiry time that calculated from the last Date of user change or reset his/her password. In addition, from this customization, you can learn how to update the certain value of User Profile field in the users table easily.
Warning: You have to implement the customization I created in the following articles:
- How to Save the Last Users’ Visitted Page in Websites that Generated with PHPMaker 9.0.1
- How to Add Request Password Confirmation into Websites that Generated with PHPMaker 9.0.2
before doing the customization below.
Updated on July 22, 2012: This customization has been implemented in PHPMaker version 9.0.3, it matches to each other, and as a result, it works properly.
Updated on September 5, 2012: This customization has been implemented in PHPMaker version 9.0.4, it matches to each other, and as a result, it works properly.
Updated on November 29, 2012: This customization has been implemented in PHPMaker version 9.1.0, it matches to each other, and as a result, it works properly.
Updated on February 9, 2013: This customization has been implemented in PHPMaker version 9.2.0, it matches to each other, and as a result, it works properly.
Updated on June 17, 2013: This customization below has been handled by using MasinoForgotPwd extension. You don’t need to implement the customization below if you use my extensions together with the original PHPMaker Template and Extension files.
[hidepost]
-
Open your \Script\activatepassword.php file, and find this code:
$ActivatePassword->setSuccessMessage($Language->Phrase("PwdEmailSent")); // Set success message // Modified by Masino Sinaga, May 23, 2012before that line, please insert the following code:
// Begin of modification Save Reset Forgot Password Date into User Profile, by Masino Sinaga, June 6, 2012 global $UserProfile; $UserProfile = new cUserProfile(); $UserProfile->LoadProfileFromDatabase($user_name); $UserProfile->SetValue(EW_USER_PROFILE_LAST_PASSWORD_CHANGED_DATE, ew_StdCurrentDate()); $UserProfile->SaveProfileToDatabase($user_name); // End of modification Save Reset Forgot Password Date into User Profile, by Masino Sinaga, June 6, 2012
- Finally, re-generate your script files using PHPMaker as always.
[/hidepost]
Leave a Reply
You must be logged in to post a comment.