Difference between revisions of "How to store plain text passwords for users"

From aMember Pro Documentation
Jump to: navigation, search
Line 10: Line 10:
 
2. Add this code to [[site.php file]]:
 
2. Add this code to [[site.php file]]:
 
<source>
 
<source>
Am_Di::getInstance()->hook->add(Am_Event::SET_PASSWORD, function (Am_Event_SetPassword $event) {
+
Am_Di::getInstance()->hook->add(Am_Event::SET_PASSWORD, function (Am_Event_SetPassword $e) {
     $pass = $event->getPassword();
+
     $pass = $e->getPassword();
     $user = $event->getUser();
+
     $user = $e->getUser();
 
     if($pass){
 
     if($pass){
 
         $user->updateQuick('plain_password', $pass);
 
         $user->updateQuick('plain_password', $pass);
Line 20: Line 20:
  
 
Each time when user's password will be updated aMember will copy it to plain_password field. Then you can use '''%user.plain_password%'''  placeholder in all emails templates when %user% placeholder is available.
 
Each time when user's password will be updated aMember will copy it to plain_password field. Then you can use '''%user.plain_password%'''  placeholder in all emails templates when %user% placeholder is available.
 +
 +
Optionally you can add the following code snippet to [[site.php file]]:
 +
<source>
 +
Am_Di::getInstance()->hook->add('gridUserInitForm', function (Am_Event_Grid $e) {
 +
    if ($e->getGrid()->getRecord()->isLoaded() && !empty($e->getGrid()->getRecord()->plain_password)) {
 +
        $p = Am_Html::escape($e->getGrid()->getRecord()->plain_password);
 +
        $e->getGrid()->getForm()
 +
            ->addScript()
 +
            ->setScript(<<<CUT
 +
jQuery(function(){
 +
    jQuery('[name=_pass]').closest('.element').prepend('<span id="plain-password">{$p} </span>');
 +
    jQuery('.am-change-pass').click(function(){jQuery('#plain-password').remove()});
 +
    jQuery('[name=plain_password]').closest('.row').hide();
 +
});
 +
CUT
 +
            );
 +
    }
 +
});
 +
</source>
 +
 +
This code will show user password in his account within admin interface:
 +
[[File:Admin-user-profile-plain-password-display.png|frameless|400px]]

Revision as of 09:00, 18 January 2019

IMPORTANT NOTE We do not recommend to store plain text passwords. Use this tutorial at your own risk.

1. Create field in aMember CP -> Add fields-> New field:

  • Field Name: plain_password
  • Field Title: Plain Text Password
  • Field Type: SQL
  • SQL Field Type: String

2. Add this code to site.php file:


Am_Di::getInstance()->hook->add(Am_Event::SET_PASSWORD, function (Am_Event_SetPassword $e) {
    $pass = $e->getPassword();
    $user = $e->getUser();
    if($pass){
        $user->updateQuick('plain_password', $pass);
    }
});


Each time when user's password will be updated aMember will copy it to plain_password field. Then you can use %user.plain_password% placeholder in all emails templates when %user% placeholder is available.

Optionally you can add the following code snippet to site.php file:


Am_Di::getInstance()->hook->add('gridUserInitForm', function (Am_Event_Grid $e) {
    if ($e->getGrid()->getRecord()->isLoaded() && !empty($e->getGrid()->getRecord()->plain_password)) {
        $p = Am_Html::escape($e->getGrid()->getRecord()->plain_password);
        $e->getGrid()->getForm()
            ->addScript()
            ->setScript(<<<CUT
jQuery(function(){
    jQuery('[name=_pass]').closest('.element').prepend('<span id="plain-password">{$p} </span>');
    jQuery('.am-change-pass').click(function(){jQuery('#plain-password').remove()});
    jQuery('[name=plain_password]').closest('.row').hide();
});
CUT
            );
    }
});


This code will show user password in his account within admin interface: Admin-user-profile-plain-password-display.png