I'll probably create a support ticket for this but just throwing this out there. I integrate aMember v4.2.15 with phpBB3.11 and have noticed since the initial upgrade to v4.x of aMember -nopass- somenumber showing up in the phpBB users table for individual users. This seems to stem from the FindPassword function in amember\library\Am\Protect\Databased.php but not too sure on on what conditions are causing it since the user has a valid password in aMember but borking the password in the phpBB database. One occurred today where it seems like it was caused by the members recurring subscription expiring.....anyone have an idea on what is is triggering the findpassword function but -nopass- is enterted into the phpBB database where the user has a good (I'm assuming good..it is encrypted)password in aMember? thanks, Steve
Steve, aMember use -nopass-something placeholder for password when it doesn't know it. When you have any integration plugin enabled, aMember encode password in a way required for third-party script and store it in saved_pass table. This happens each time when aMember get an access to plain-text password (when user login or change his password for example). If aMember doesn't know user's plain text password it set -nopass- value for it and it will be updated to correct encoded version of password when user login next time.
Thanks Alexander, Makes sense....some of my users are having a really hard time with this and not sure why. They do log directly into the phpBB forums and not via aMember so somewhere along the lines when the -nopass- is set they are having to go to amember/member and reset the password with the "forgot password" option. It just seems there's a lot of instances occurring where under "normal" usage, for example when a customer has not requested a change of password or accessed the aMember script, where -nopass- is being set
Well I believe in order to fix this, you just need to redirect all logins to aMember. Change login links in phpBB or even protect whole forum if possible.