Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 2nd September 2010, 17:50
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 418
Thanks: 33
Thanked 24 Times in 19 Posts
Send a message via ICQ to radim_h
Default HOWTO: loging to ISPC3 with email & simplified password reset

Maybe someone can use it:
I have other systems and client billing app, where users are logging in with theirs emails. I wanted them to have same login (email)also into ISPC3, so here is little "hack"



1. File: /usr/local/ispconfig/interface/web/login/index.php
change line 63 (lines are counted from version 3.0.3beta)
from:
Code:
if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) $error = $app->lng('user_regex_error');
to:
Code:
if(!preg_match("/^[\w\.\-\_\@]{1,64}$/", $_POST['username'])) $error = $app->lng('user_regex_error');
chnage line 68
from:
Code:
$username = $app->db->quote($_POST['username']);
to:
Code:
$username = $app->db->quote(str_replace('@', '_', $_POST['username']));


2. File: /usr/local/ispconfig/interface/web/login/password_reset.php

lines 44 to 50
change original block of code:
Code:
if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '' && $_POST['username'] != 'admin') {
	
	if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));
	if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));
	
	$username = $app->db->quote($_POST['username']);
	$email = $app->db->quote($_POST['email']);
to new one
Code:
if(/*isset($_POST['username']) && $_POST['username'] != '' &&*/ $_POST['email'] != '' && $_POST['username'] != 'admin') {
	
	//if(!preg_match("/^[\w\.\-\_]{1,64}$/", $_POST['username'])) die($app->lng('user_regex_error'));
	if(!preg_match("/^\w+[\w.-]*\w+@\w+[\w.-]*\w+\.[a-z]{2,10}$/i", $_POST['email'])) die($app->lng('email_error'));
	
//	$username = $app->db->quote($_POST['username']);
	$email = $app->db->quote($_POST['email']);
	$username = str_replace('@', '_', $email);
3. File: /usr/local/ispconfig/interface/web/login/templates/password_reset.htm

remove lines 19-22
Code:
      <div class="ctrlHolder">
      	<label for="username"><em>*</em> Username</label>
        <input name="username" id="username" value="" size="30" maxlength="255" type="text" class="textInput" />
      </div>


How to use it:

Let's say, our sample user is "user@domain.tld"

1. You must create create all users in ISPC with Username format as email with _ instead of @
so create user with Username: user_domain.tld and Email: user@domain.tld

Now when users ale loggin in, "@" in username(email) is replaced with "_" so they match system user

On password reset page, user doesn't have to input Email & username, they have to fill just email
which is IMO good as remembering two things is very hard for some customers .o)
but


BTW:
With this modification or not, it would be great if Password reset function will have to be confirmed by clicking on link which will come to user by email. Because if someone knows your email or login, they can simply reset your password anytime they want (but new password will be send to You)

Last edited by radim_h; 2nd September 2010 at 17:58.
Reply With Quote
Sponsored Links
  #2  
Old 2nd September 2010, 20:28
planet_fox planet_fox is offline
Senior Member
 
Join Date: Jun 2006
Location: Munic
Posts: 308
Thanks: 14
Thanked 8 Times in 6 Posts
Send a message via Skype™ to planet_fox
Default Nice

Nice, but I have see by an Hosting Provider an Option for Button with The Message " You want see the Password" than can you click on this Button and the Password is in plaintext. Its great when you have an user there haves on Smartphone PC and other things his mail adress configurated but Don't know what is the Password.
Reply With Quote
  #3  
Old 2nd September 2010, 22:33
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 418
Thanks: 33
Thanked 24 Times in 19 Posts
Send a message via ICQ to radim_h
Default bad idea

it is very bad idea to have password for anything in plaintext...
Reply With Quote
  #4  
Old 3rd September 2010, 14:35
planet_fox planet_fox is offline
Senior Member
 
Join Date: Jun 2006
Location: Munic
Posts: 308
Thanks: 14
Thanked 8 Times in 6 Posts
Send a message via Skype™ to planet_fox
Default

In the first moment I have see , i have the same mind . Than I become an call from an customer, i was happy for this option. In some Time I find this Option save Time.
Reply With Quote
  #5  
Old 6th September 2010, 01:57
radim_h radim_h is offline
Senior Member
 
Join Date: Jan 2007
Location: Prague, Czech
Posts: 418
Thanks: 33
Thanked 24 Times in 19 Posts
Send a message via ICQ to radim_h
 
Default

but this has nothing common with my post above, anyway
Reply With Quote
Reply

Bookmarks

Tags
email, ispconfig3, login, password reset

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Problems with the Virtual Users And Domains With Postfix, Courier And MySQL tutorial wwinfrey HOWTO-Related Questions 12 15th August 2006 16:38
MySQL Server password reset. CJMostert Installation/Configuration 4 14th August 2006 21:12
Email username and password do not work iratik Installation/Configuration 8 11th August 2006 17:22
Error: Password error: Bad login (creating new email) torusturtle Installation/Configuration 6 21st June 2006 01:26
How to install BFD (Brute Force Detection) domino Tips/Tricks/Mods 9 31st March 2006 22:40


All times are GMT +2. The time now is 01:24.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.