Passwords

[habby]

Hiya as it said in one of the posts to remove encryption I have to remove all instances of the crypt function...  Now I did that and was messing about with the codes for ages to get it working, anyway, when I finally got to the stage where the passwords are going into the database as they should be, I tried to login, it wouldnt work.

Well obviously its trying to match the encrypted version with an unencrypted version in the database, So when I tried to fix that, when I thought it was done, i entered in a username and passwrd and it didnt give me a message about a bad password, it insted rtedirected me to the forums home and I wasnt logged in...

Could anyone tell me how to get it working.  I have good resons for wanting my passes in plain text and if you desperately want an explanation I will give you it.

But this problem is really annoying and I cant get my forums started unless I fix this annoyance

[[Unknown]]

There is no good reason for having them in plain text.  If you look for posts by me with "password" in them, you will see how STRONGLY I feel about leaving the passwords crypted.

There are ways to do what you are trying to do, but I'm not going to tell you why - unless you can give me a reason better than any other excuse I have heard.

Here are a few:

• My users keep forgetting their passwords!
  
• There's a forgot password link that works really well.  You can even reset their password by going to their profile.  What could be easier?  Why would you want to have to find them in the SQL?
  
  
• I'm making a site and I want to integrate it.
  
• So use the same kind of encryption.  This can only have the effect of making your site better, so I see no harm.
  
  
• I want to see my users' passwords because I'm a freak.
  
• Well too bad.
  
  -[Unknown]

[habby]

I cant say I like your angry attitude towards my post, but if you have to know the reason, the only people who are going to have access to my board are my friends.  And I am only going to allow them access to the board if the password that they enter matches the password I give them.

You see im giving each of them diffenent passwords for the forums. Do you understand this? And its not so I can see what their password is, because I am physically giving them the password anyway

[Iridium]

Why not simply set the passwords for them by editing their profiles then?

(My personal excuse for wanting to see people's passwords (not that I've done it on my boards) would be that I'm so utterly useless at thinking of passwords for myself that it's easier to see the passwords other people have come up with and use the good ones!)

[habby]

Because i wont know it is them unless they physically enter the password themselves

[Iridium]

Simply create their accounts for them, and, while logged in as an administrative user, go to their profile and set the password. Easy.

[habby]

Have you even read what I have written???
I want them to register an enter the passwords

[Iridium]

But why?! I'm sure I could easily give you the code to remove the hashing function, but I'm not going to waste my time on it if there's a simpler way that requires no changes whatsoever.

[habby]

look, there are alot of people who will want to register, I only want my friends to register if I give them a password to use to create an account it will be alot easier than me manually creating loads of accounts
If you are worried about other yabb users using this then could you please IM me it

Thankyou

[Gobalopper]

Why not get the application mod and approve members before they can join.

[habby]

seems that you all obvoiusly dont want to help me, whatever happens im going to get the hack working sooner or later, im just asking for help so I can get it running now...

I dont know of this application mod, but I have already sent out all the passwords and used up quite alot of money in stamps.  Now I dont want to mess about I just want a little help, but it seems that no one in yabbse is helpful

[[Unknown]]

I'm sorry about my "angry attitude", but this has come up before and makes no sense.

If you create the accounts for them, they can login with no problems.  You will have set the passwords.

Simply add this to Register.php:
if ($settings[7] == '')
  fatal_error('Sorry, registration is disabled.');

At the top under the copyright header.

This completely and entirely solves your situation.  They will be able to login and use their accounts, and you will not get any unwanted registrations.

Just ask them for their emails and desired usernames.  (which I would think you would probably have of your friends already anyway.)

-[Unknown]

[habby]

Yes, I have this but im not going to add accounts for hundreds of users, this is myt situation that no one want to help with.  

[Spaceman-Spiff]

you're trying to make the forum less secure, that's why people are hesitant to help you

Gobalopper has suggested the Application Mod, this mod will enable people to apply for a membership, and you as the admin can reject/accept each application. So u can allow only the people that you know to access the forum.

[habby]

look, its my forum, i dont care about it being unsecure, if a hacker comes in and somehow gets into the mysql database what will this person want with the users passwords? ?? And even if he does desperately want them he can decrypt them, and dont you say there is no way because there is and I have done it before. If I really want my members passwords I can do this, but im not going to because I am setting their passwords anyway!