PDA

View Full Version : [Release vb2.0] Send random password instead of activation code


bira
05 May 2001, 02:11
THIS HACK WILL NOT WORK IN VB 2.2.0 AND UP! DO NOT ATTEMPT TO INSTALL IT!
Go to http://www.vbulletin.org/forum/showthread.php?s=&threadid=33068 for the appropriate hack


This is something I've wanted to do for a long time, and since someone mentioned it in the Suggestions forum, I figured I'd write the hack :)

Purpose: When a new user regsiters, he is e-mailed a password generated randomly. He will not be able to log in until he receives this e-mail and uses that password. (the same happens if an existing user changes his e-mail address).

After installing this hack, you will have three options essentially:

1) Don't verify the e-mail is valid.
In this case the user selects his own password and nothing is sent to him.

2) Verify the e-mail is valid by sending an activation code
This is how vBulletin works now: a user selects his own password during registration, and the BB Mailer sends him an activation code / link that he needs to use before he's able to post

3) Verify the e-mail is valid by sending a random password
In this case the user DOES NOT select a password but instead he receives a randomly generated password by e-mail. He will not be able to log in / post until he receives and uses this password.


The installation includes:

1) Running a script that updates your database (adds an option "Send New Users Random Password?" with default "NO" -- to preserve your currect state).

2) Editing three scripts (register.php, member.php, admin/functions.php)

3) Editing two templates (registeradult, registercoppa) and adding three new templates (small ones).


If you have questions, I'm here :)

Cheers,

Bira

bira
05 May 2001, 02:23
A couple of images to help out understand what this hack does:

http://www.atlasf1.com/personal/bira/password1.gif

And

http://www.atlasf1.com/personal/bira/password2.gif

Essam
05 May 2001, 02:26
Thats great, I will try it today.
one question, if the user change his email, will your hack send new password?

bira
05 May 2001, 02:28
yes, Essam, if the user changes his e-mail, it will automatically generate his a new password, e-mail it to him and log him out so he won't be able to log in until he uses this new password.

bira
05 May 2001, 02:30
If people want to test it, they can test this on my test board at

http://www.bira.co.il/bb/index.php

*** DISCLAIMER TO JELSOFT: this is NOT a production bb but rather a test board that I've set up for Ed Sullivan. Please don't sanction me for using it (no one posts on it or anything.)

nuno
05 May 2001, 02:34
thank you bira
excellent ;)

bokhalifa
05 May 2001, 08:00
good hack;)

floleb7
05 May 2001, 12:55
it would be great to include this to 2.0 ;)

bokhalifa
05 May 2001, 13:26
where can i change this sentence?


ÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜ
Here are your login details for the bulletin board at http:// .

Username = bokhalifa
Password = +

Don't forget that they are case sensitive!

To edit your profile, go to this page:
http://

Yours,
dar bokhalifa team

ÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜÜ

thanks;)

Essam
05 May 2001, 20:20
question, what will happen to the ppl who havn't activated themsevles? of course I mean the ones who registered before installing this hack.

bira
05 May 2001, 20:35
Essam, they can still activate themselves. That system did not get impaired in any way.

bokhalifa, this is the template email_lostpw -- it's the same template that people get when they lost their password and request for it.

Essam
05 May 2001, 20:48
mmm,,
Is there a way to send all the unactivated members a new password? instead of still requiring them to activate themselves.

bira
05 May 2001, 20:54
Essam, go to the Control Panel -> Usergroups. Click in 'list users' next to Users Awaiting Email Confirmation. For each user you can:

1) change his usergroup to 'registered'
2) click on 'send password'

If you have more than a dozen or so, let me know and I'll write you a quick script to run to do that in a batch.

bokhalifa
05 May 2001, 21:35
thank you bira

good hack min;)

Essam
05 May 2001, 21:54
More than a dozen?! :)
I have 1319 member awaitning confirmation

I would really appreciated if you write me that hack. The hack will send a random password right?
Cause for the normal password this can be done from "Email Users".

bira
05 May 2001, 22:12
Essam with so many, I would actually recommend you delete them, because there are bound to be a lot of duplicate people who tried several times, or people who tried a long time ago and forgot about it.

If, however, you want to send them a password anyway and don't mind about "dead" registrations, then you could just do the following two steps IN THAT ORDER:

1) email password to all the users in the "Users Awaiting Email
Confirmation"

2) AFTER sending the e-mail, run a MySQL query via phpMyAdmin:


UPDATE user SET usergroupid='2' WHERE usergroupid='3' AND posts='0'


Personally, I would recommend you delete all those accounts who are, say, one month old. If you want to do this, then run the following command BEFORE you do steps 1 and 2 mentioned above:


DELETE FROM user WHERE usergroupid='3' AND posts='0' AND joindate<'986500000'

Essam
05 May 2001, 22:20
Thank you bira,
I'll try that.

-dloh-hammer
08 May 2001, 21:37
Is this hack for rc1 or rc2 ?

get a parsing error in register.php line 204 /207

bira
09 May 2001, 07:50
rc2

-dloh-hammer
09 May 2001, 13:57
lol than I must upgrade :)

Remi
09 May 2001, 14:17
bira

Thank you very very much

It was a dream to have this hack :D

I have RC1 and it is working wounderfull

bira
09 May 2001, 14:30
Glad to have helped, Remi :)

RobAC
09 May 2001, 23:51
This is an awesome hack as I just tested it out on my forums, but it breaks Tubedogg's automatic welcome message upon registration hack. :(

bira
10 May 2001, 00:30
RobAC, if you give me the URL to that hack, I'll check where they collide and how you can use them together.

RobAC
10 May 2001, 00:38
Bira,

Here you go. Thanks!

http://www.vbulletin.com/forum/showthread.php?s=&threadid=13857

bira
10 May 2001, 00:49
RobRAC,

I checked tubedogg's hack and there's no reason the two hacks should collide, provided you insert the code right.

Here's what you need to make sure:

If you already hacked the file register.php then the end result should be like this.

Find (in the ORIGINAL file):


if ($verifyemail) {
$getjoindate=$DB_site->query_first("SELECT joindate FROM user WHERE userid='$userid'");
$activateid=$getjoindate[joindate];

eval("\$message = \"".gettemplate("email_activateaccount",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_activateaccount",1,0)."\";");

mail ($email,$subject,$message,"From: \"$bbtitle Mailer\" <$webmasteremail>");

}


And CHANGE that to (my hack's addition is in red, and tubedogg's hack addition is in blue):


if ($verifyemail) {
if ($randpassword=="0") {
$getjoindate=$DB_site->query_first("SELECT joindate FROM user WHERE userid='$userid'");
$activateid=$getjoindate[joindate];

eval("\$message = \"".gettemplate("email_activateaccount",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_activateaccount",1,0)."\";");
} else {
eval("\$message = \"".gettemplate("email_lostpw",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_lostpw",1,0)."\";");
}

mail ($email,$subject,$message,"From: \"$bbtitle Mailer\" <$webmasteremail>");

}

// send a welcome email using email_welcome and emailsubject_welcome templates, but don't
// send it now if they need to activate their account
if ($welcomeuser) {
eval("\$message = \"".gettemplate("email_welcome",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_welcome",1,0)."\";");

mail($newuseremail,$subject,$message,"From: \"$bbtitle Mailer\" <$webmasteremail>");
}
// end send mail


That's it. The two hacks don't even "meet" at any other point :)


By the way, out of curiosity: if you are using email verification, be it with activation code or with random password, why on earth do you need a separate Welcome E-mail? Simply add your welcome message and whatever text you want to the already existing e-mail templates that are sent to the new users.

RobAC
10 May 2001, 00:56
Bira,

I'll double check this....actually, you've made a good point here. Thanks.

RobAC
10 May 2001, 01:18
Bira,

Instead of using the email_lostpw template, how can I use a different email template? I want to add in the welcome message to this template, but don't want to make that kind of addition to the lostpw template.

bira
10 May 2001, 01:25
Rob, create a new template (eg: email_newpw) and in my hack, wherever it mentions email_lostpw change it to your new template's name.

p.s.

But make sure that the variables from email_lostpw (the variables for the username and password at least!) also appear in your new template.

bira
10 May 2001, 01:35
Actually, Rob, there is only one place you need to replace email_lostpw with your new template's name, and that is in register.php.

In my hack instructions it says:


Find:

$getjoindate=$DB_site->query_first("SELECT joindate FROM user WHERE userid='$userid'");
$activateid=$getjoindate[joindate];

eval("\$message = \"".gettemplate("email_activateaccount",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_activateaccount",1,0)."\";");

REPLACE it with:

if ($randpassword=="0") {
$getjoindate=$DB_site->query_first("SELECT joindate FROM user WHERE userid='$userid'");
$activateid=$getjoindate[joindate];

eval("\$message = \"".gettemplate("email_activateaccount",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_activateaccount",1,0)."\";");
} else {
eval("\$message = \"".gettemplate("email_lostpw",1,0)."\";");
eval("\$subject = \"".gettemplate("emailsubject_lostpw",1,0)."\";");
}


This refers to register.php. So, in that bit - and ONLY that bit - you will want to replace email_lostpw with your new template's name, as well as emailsubject_lostpw with a new template's name (for the subject message of your combined Welcome + Password to new user).

So, to sum this up:

1) Create two new template, say email_newpw and emailsubject_newpw. These two templates should resemble in content the lostpw templates, only with your Welcome text.

2) Add my hack EXACTLY like the instructions says, but before you upload the hacked files run a SEARCH/REPLACE in register.php for _lostpw and replace it with _newpw.

That's it.

Am I making any sense? Sorry, I'm tired :)

RobAC
10 May 2001, 04:23
Another problem, for some reason, I'm no longer notified when a new user registeres with the Forums. I have it set so that I'm notified as soon as someone registers. I no longer receive this email notification.

bira
10 May 2001, 04:26
Rob, for some reason I get a feeling that you managed to much up register.php :)

I use this hack and get notified for every new user, so that's not the problem.

Why don;t you e-mail me your register.php and I'll fix it?

My e-mail is goren@atlasf1.com

Cheers,

Bira

psico
21 Jun 2001, 12:24
Bira I have a problem!!
I'm using vb 2.0.1 and when the users wants to change something from their CP the changes are not taken and the member.php put this message:


Thank you for updating your profile, psico. Because you changed your email address, you will be sent an email to verify its existence.


But I've not changed my email...

Sorry about my english but It's not my language...

Thanks for your help...

J_PC
21 Jun 2001, 14:19
Thanks for a cool hack

MApI
23 Jun 2001, 22:18
Bira,
I'm using vb 2.0.1, followed hack instructions (isn't the firt one I insert), but nothing happen.
There isn't into CP something to change sets, and new users can choose their password.

Thanx in adv.

:confused:

MApI
26 Jun 2001, 07:38
Might be the template side ? The new one comes in the istructions without any HTML command. It that regular ? Yek !

cya

:confused:

psico
27 Jun 2001, 02:56
Please anyone can help me with my problem?

Thanks a lot!!!.


I'm using vb 2.0.1 and when the users wants to change something from their CP the changes are not taken and the member.php put this message:


Thank you for updating your profile, psico. Because you changed your email address, you will be sent an email to verify its existence.

But I've not changed my email...

bira
27 Jun 2001, 02:59
I've installed a clean (no hacks) version of vBulletin 2.01 and then installed this hack as per the instructions, followed to a T.

I had no problems at all, and none like you describe. I really, really don't have a clue what the problem could be for you, but I would suggest you go back to the original version(s) of the scripts, and then re-install the hack, making sure you follow the directions exactly.

Sorry I cannot be of any further help.

Buu
29 Jun 2001, 01:28
Bira i installed your hack today now everything seems to be fine but when i let some one register it gives an code fatal error on Line 192 in the register.php file.......

NE idea's to help you as much as i can i include the full Register.php.

You can contact me by mail or icq

-= ICQ 100535249
-= Mail : shadowbumble@hotmail.com

Hope this will be enough

Removed on request

bira
30 Jun 2001, 06:32
Buu,

1) Your register.php page is NOT a vB2 version one

2) vBulletin does not allow the posting of an entire script. Please remove the attachment from your post.

Cheers,

Bira

Remi
01 Jul 2001, 15:15
Bira

Is there a way to send all the users a new password

The reason for this is to prevent any user with false Email from posting.

Thanks in advance Bira

bira
01 Jul 2001, 22:27
Remi,

You mean you want to mass-change the password to all the registered users, and mass-email all these users their new password?

Please elaborate as much as you can, and I'll write you a script on how you can do this.

Remi
02 Jul 2001, 01:18
Yes Bira

This is exactly what I mean :o

I am very thankful to you Bira :o

psico
04 Nov 2001, 01:22
I REALLY need this Hack for vB2.2.0 but the code is diferent in the register.php anyone knows how to make it works?

THANKS!!

Remi
09 Dec 2001, 03:50
Does this hack work with the latest version 2.2.1?

Thanks

bira
09 Dec 2001, 03:57
THIS HACK WILL NOT WORK IN VB 2.2.0 AND UP! DO NOT ATTEMPT TO INSTALL IT!

Remi
09 Dec 2001, 05:31
:(

IS there any hope of upgrading the hack Bira!!

It was a very usefull

bira
09 Dec 2001, 05:33
Remi I'll look at it, but I can't promise.

The whole password & activation processes have changed completely in 2.2.0 and up, so I'll have to look at the code and see what I can do for you.

Remi
09 Dec 2001, 05:45
Thank you very much Bira

Please do your best, it is extreamly important for me and I am sure it is as important for many othrers

bira
09 Dec 2001, 10:51
http://www.vbulletin.org/forum/showthread.php?s=&threadid=33068 -- version 2 of this hack, for vBulletin 2.2.0 and up.