Password not encrypted

Devilmorfose · 11-04-2007

Hello everyone,
I have a problem with members changing their passwords.

When they register, the password gets encrypted, as it should. When changing the password in Profile settings AND in Admin menu however, it does not get encrypted and it shown 1-1 in the MySQL database.
When trying the Forgot password option, the new password also get's encrypted right.

How can I fix this?? So it only occurs when changing the password.

Devilmorfose · 11-06-2007

Anyone with an answer?

Devilmorfose · 11-14-2007

Well.. ? Still no one?

**mrpowless** · 11-14-2007

what are your lines 203 and 599 of profile_edit.php
what does your 3 password settings say in
admin panel/settings/profile field manager

sometimes i've seen people mess with them and have problems

Devilmorfose · 11-15-2007

Lines 200 and up.

Code:

if( $fname == 'Password' )
{
if( !empty( $_POST[$fname] ) )
$p_arr_new[$fname] = md5( $_POST[$fname] );
else
$p_arr_new[$fname] = $p_arr[$fname];
}

and lines 600 and up

Code:

else
{
$respd = db_res("SELECT * FROM ProfilesDesc WHERE `visible` & $db_vsbl AND ( FIND_IN_SET('0',show_on_page) OR FIND_IN_SET('".(int)$_page[name_index]."',show_on_page)) ORDER BY `order` ASC"); while ( $arrpd = mysql_fetch_array($respd) )
{
$fname = get_input_name ( $arrpd );

switch ($arrpd['type'])
{
case 'set': // set of checkboxes
break;

case 'date':
$p_arr_new[$fname] = sprintf("%04d-%02d-%02d",
(int)$_POST[$fname . '_year'],
(int)$_POST[$fname . '_month'],
(int)$_POST[$fname . '_day']
);
break;

default:
if( $fname == 'Password' )
{
if( !empty( $_POST['Password'] ) )
$p_arr_new[$fname] = md5( $_POST[$fname] );
else
$p_arr_new[$fname] = $p_arr[$fname];
}
else
$p_arr_new[$fname] = process_pass_data($_POST[$fname]);
break;
}
}
}

Devilmorfose · 11-29-2007

Come on you guys..

**mrpowless** · 11-29-2007

admin panel/settings/profile fields manager
Here are the settings for Password:

mandatory: unchecked

visible to:

• member: checked

• admin: checked

editable for:

• member: checked

• admin: checked

show on page:

• editprofilepage: checked

edit box lenght: 10

min length: 0

max length: blank

hit save, there are other checkboxes, yes if its not mentioned then its "unchecked" if it works the "mandatory" will stay unchecked.

if that doesn't work people have had success with deleting the entry in the database. This happens when people select mandatory for the password which needs absolutely no other setting then above.

For this go to your mysql database (in your cpanel on your server click on phpmyadmin) - then go to the table 'ProfilesDesc' ... then browse through to the field that you want to change ...password ... and then click on the pencil to edit that field...and then select all the text in the check field and delete it. I know this sounds scary but if you notice, only the fields that are mandatory have info in the check fields. Delete this information that is in the check field and then save...and you are set.

Devilmorfose · 11-30-2007

Thanks, I can change passwords now!
However.. On the members profile page there are now 3 password related fields. I figured I only need the Password and Confirm Password fields to change a password. Can I deactivate or hide the Change password field?
I can't turn Mandatory off for that field and am also forced to assign the field to a page.