I have installed the Secure Password Lookup mod from the Resources database and, while it works perfectly, it is more than I really need.

I am in a secure work environment where few people (< 100) will be logging into the db. I would prefer to have them create their own initial password, but with the option of having a password emailed to them should they forget what they used initially.

Perhaps there is a way to do this:

1) Capture their email address when the account is created (as is done in the current mod).
2) Use a password they suggest, and allow them to log in immediately.
3) If they forget their password, have one emailed to them (as is done in the current mod).
4) Allow them to change their password (as is done in the current mod).

In other words, is there a way to disable the feature that requires an initial mod-generated password be emailed to them?

Thanks!

Sure.

Add the following to sub html_signup_form (in the html.pl file)

(You can add font tags and bold tags if you want to.)

In sub signup (db.cgi), after

add

Delete the line

$in{'pw'} = &generate_password;

Change

to

And you might also want to delete the email that goes out. Or not, it's up to you. :)

JPD
http://www.jpdeni.com/dbman/

Fantastic!

There is one thing that did NOT need to be done, however:

--
JPDeni wrote:
Change

print PASS "$in{'userid'}:$encrypted:$permissions:$in{'email'}\n";
to

print PASS "$in{'userid'}:$in{'pw'}:$permissions:$in{'email'}\n";
--

I tried this and it did not work. From an admin account, I could see the account was created but the password was not encrypted. Changing this line back to the original condition, everything worked fine.

Thanks again for your informative (and timely) response. It is very much appreciated.

Sorry 'bout that. I got carried away.

I'm glad I was able to help.

JPD
http://www.jpdeni.com/dbman/

Hi,
Actually,it is a wonderful mod. But the thing is how can we valid the email address?? Any possible ways to vaild the email address with this mod before user can add their record??
Any thoughts??

:)

The secure password lookup mod does assure a valid email address before the user can add a record. Not the code that's here, but the code that's in the mod to start with. Since, in the basic mod, the password is sent to the user before he can log in, it guarantees a valid email address.


JPD
http://www.jpdeni.com/dbman/

Thanks JPDeni,
Yeah..as you said,the original security password lookup mod provide the function of email valid But all i would like to do is i can let my user to choose whatever password they want in the signup page instead of random password in the email. So,it will combine the above mod and the function of email valid in the security lookup mod.
is it possible?? how to do i??
Any thoughts??

Thanks again
:)

No way that I know of. The only way that I know of to make sure an email address is valid is to send an email to the address and require the person to respond with something in that email.


JPD
http://www.jpdeni.com/dbman/