Welcome to Geeklog, Anonymous Tuesday, June 18 2024 @ 12:46 am EDT

Geeklog Forums

Don't want users to be able to change their passwords


MrG

Anonymous
I'm using the newest version of Geeklog. Just installed a short while ago.

Does anyone know how to remove the "Username & Password" tab when you're logged in and click on the "My Account" link under the User Function block?

New User Registration is not active. We are entering the users and don't want them to be able to change their user name and/or their password that we give them, so we need to remove that from the tab when they click on "My Account".

Thanks.
 Quote

Status: offline

Roccivic

Forum User
Moderator
Registered: 05/19/10
Posts: 136
You could:

* Comment out the following lines (886 to 916) in "usersettings.php"
Text Formatted Code

    $current_password = DB_getItem($_TABLES['users'], 'passwd',
                                   "uid = {$_USER['uid']}");
    if (!empty ($A['passwd']) || ($A['email'] != $_USER['email']) ||
            ($A['cooktime'] != $_USER['cookietimeout'])) {
        if (empty($A['old_passwd']) ||
                (SEC_encryptPassword($A['old_passwd']) != $current_password)) {

            return COM_refresh ($_CONF['site_url']
                                . '/usersettings.php?msg=83');
        } elseif ($_CONF['custom_registration'] &&
                    function_exists ('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck ($A['username'], $A['email']);
            if (!empty($ret)) {
                // Need a numeric return for the default message handler
                // - if not numeric use default message
                if (!is_numeric($ret['number'])) {
                    $ret['number'] = 400;
                }
                return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$ret['number']}");
            }
        }
    } elseif ($_CONF['custom_registration'] &&
                function_exists ('CUSTOM_userCheck')) {
        $ret = CUSTOM_userCheck ($A['username'], $A['email']);
        if (!empty($ret)) {
            // Need a numeric return for the default message handler
            // - if not numeric use default message
            if (!is_numeric($ret['number'])) {
                $ret['number'] = 400;
            }
            return COM_refresh("{$_CONF['site_url']}/usersettings.php?msg={$ret['number']}");
        }
    }


* In the language files change $MESSAGE[68] (on line 1223 in english.php) from
"You have to enter the correct current password."
to
"You are not allowed to perform this action."

Maybe someone else will have a better idea though.

Rouslan
 Quote

MrG

Anonymous
Tried that and it made no difference.
 Quote

Status: offline

Roccivic

Forum User
Moderator
Registered: 05/19/10
Posts: 136
Well, it doesn't remove the "username & password" tab, but makes it unusable. Every request will fail.

Is that not good enough?
 Quote

Status: offline

Roccivic

Forum User
Moderator
Registered: 05/19/10
Posts: 136
You can also remove lines 34 to 38 and 41 to 47 in {path/to/your/layout/folder/}preferences/profile.thtml
to remove the fields for changing the password in the "username and password" tab.

they look like this:
Text Formatted Code
    <dl class="notes">
      <dt>{lang_password_help_title}</dt>
      <dd>{lang_password_help}</dd>
      <dd><strong>{lang_enter_current_password}</strong></dd>
    </dl>

and
Text Formatted Code
      <dt><label for="profile-passwd">{lang_password}</label></dt>
      <dd><input type="password" size="32" maxlength="32" value="{password_value}" name="passwd" id="profile-passwd" class="text"{xhtml}></dd>
      <dd class="description">{lang_password_text}</dd>

      <dt><label for="profile-passwd_conf">{lang_password_conf}</label></dt>
      <dd><input type="password" size="32" maxlength="32" value="{password_value}" name="passwd_conf" id="profile-passwd_conf" class="text"{xhtml}></dd>
      <dd class="description">{lang_password_text_conf}</dd>


But this is more of an aesthetic thing and it is more critical that you remove the actual functionality from usersetting.php first.
 Quote

MrG

Anonymous
So Sorry about that. I simply ASSumed that because the fields were still there that the fix did not work. I hadn't tried it. Just did now, and your fix worked just as you said it would. Thank you.

Didn't realize you put that extra statement in there under your fix for just that purpose.

Again I apologize for not following through.

Rich

 Quote

Status: offline

Roccivic

Forum User
Moderator
Registered: 05/19/10
Posts: 136
Glad that worked fine for you. Take care.
 Quote

All times are EDT. The time is now 12:46 am.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content