12 Replies Latest reply on Sep 11, 2010 12:07 AM by deansy55

    change default kt_userID

    Level 1

      hi,

       

      is there a way in the config file that i can change the default session variable created for the username?

       

      i need to change this to UserID as suppose to the kt_userID is this possible and will it affect anything by doing so?

       

      many thanks

        • 1. Re: change default kt_userID
          Günter Schenk Level 4

          You´re talking about the variable $tNG_login_config_session["kt_login_id"], right ?

           

          Changing this to, say, $tNG_login_config_session["user_id"] wouldn´t be all you´d have to do, because - regretfully - many other "includes" files are using the default "kt_login_id" (plus "kt_login_user" and "kt_login_level") value as hard-coded string all over the place, e.g. in queries etc, and you´d have to change all these instances as well.

           

          Cheers,

          Günter

          • 2. Re: change default kt_userID
            Level 1

            thanks gunter that is not what i wanted to hear

             

             

            i have an existing site that most of the queries i have filtering of the session UserID so i would either have to change all the queries to suit ADDT's default userid or redo all the queries in the site to match ADDT's userID is that right?

             

            thanks again gunter for your help.

             

            did you ever get a chance to look at the selecting of docs to email?

             

            would be cool to have this working for alot of users i reckon.

             

            cheers

            • 3. Re: change default kt_userID
              Günter Schenk Level 4

              deansy55 wrote:

               

              thanks gunter that is not what i wanted to hear

              sorry for that ;-)

               

              i have an existing site that most of the queries i have filtering of the session UserID so i would either have to change all the queries to suit ADDT's default userid or redo all the queries in the site to match ADDT's userID is that right?

              Unless you happen to successfully change the default names of the session variables I mentioned, you´ll indeed have to use the session variable "kt_login_id".

               

              did you ever get a chance to look at the selecting of docs to email?

               

              Nope, I didn´t look into this so far

               

              would be cool to have this working for alot of users i reckon.

               

              But where are all those "alot of users" now ? Most assumingly they managed to find themselves other solutions, but one thing is for certain: they apparently don´t come here any longer except occasionally for getting some last-minute issues sorted out rather than looking for new how-to´s, and this IMO doesn´t warrant the significant effort it would take me to provide such a thing.

               

              Cheers,

              Günter

              • 4. Re: change default kt_userID
                Level 1

                hey gunter,

                 

                just looking through your tutorials and saw you said that not to use the name "user" as it will cause issues.

                 

                my login table is currently called users, and id is actually "userid" am i ok to use this?

                 

                i think i may redo my queries as i dont have many queries filtering of the session userid so i can change the to the session kt_loginid but i am ok to continue to use my userid in my recordsets as joining my tables as it is only the session name isn't it?

                 

                also just a couple more questions re the login settings.

                 

                does it send an unencrypted password to the user if they click the forgot password link? and what is the random key for? do you have a turoial on your site about setting up login with the check username and sending passwords?

                 

                one other thing, md5 i have read is unsecure, is it possible to use sha1 by changing any of the config settings to use this or should i not concern myself too much about md5?

                 

                thanks again gunter.

                • 5. Re: change default kt_userID
                  Günter Schenk Level 4

                  deansy55 wrote:

                   

                  hey gunter,

                   

                  just looking through your tutorials and saw you said that not to use the name "user" as it will cause issues.

                   

                  my login table is currently called users...

                  I´ve never had issues with columns named "users" (the plural variant), also because I never used this one, LOL ;-)

                   

                  and id is actually "userid" am i ok to use this?

                  that´s fine.

                   

                  but i am ok to continue to use my userid in my recordsets as joining my tables as it is only the session name isn't it?

                  As you´re - speaking about the general ADDT login setting - actually mapping the column name "userid" (or any other "safe" name you may give this column) to the Session Variable "kt_login_id", this should work fine.

                   

                  does it send an unencrypted password to the user if they click the forgot password link?

                  I personally never worked with unencrypted passwords so far, so you´ll have to try this one out yourself.

                   

                  and what is the random key for?

                  What does the ADDT help file tell your about this ? ;-)

                   

                  do you have a turoial on your site about setting up login with the check username and sending passwords?

                  Nope.

                   

                  one other thing, md5 i have read is unsecure, is it possible to use sha1 by changing any of the config settings to use this or should i not concern myself too much about md5?

                  ADDT internally works with an md5 encryption, so there´s nothing you can change except when modifying the libraries. It´s true that some geeks say that md5 may be less secure than other encryption options, but I wouldn´t call an encrypted 32-char value "unsecure" at all.

                   

                  Cheers,

                  Günter

                  1 person found this helpful
                  • 6. Re: change default kt_userID
                    Level 1

                    thanks gunter again

                    • 7. Re: change default kt_userID
                      Level 1

                      hi gunter, i cant see in the addt help file for the random key?

                       

                      could you point me in the right direction? not sure what it is for, went through the wizards and added data but nothing is in that table in the database so far.

                       

                      also is it possibly to change the length of the password sent from the forgot password?

                       

                      thanks again

                      • 8. Re: change default kt_userID
                        Level 1

                        thanks again

                        • 9. Re: change default kt_userID
                          Günter Schenk Level 4

                          deansy55 wrote:

                           

                          hi gunter, i cant see in the addt help file for the random key?

                          it´s all in the help file: Configuring Developer Toolbox / Site-specific settings / Login settings

                           

                          also is it possibly to change the length of the password sent from the forgot password?

                          Huh ? Why is that important ?

                           

                          Cheers,

                          Günter

                          • 10. Re: change default kt_userID
                            Level 1

                            just though it would be a better idea to change the length of the random password sent to security that is all.

                             

                            is there a way to check the email address is not a duplicate in an update users profile?

                             

                            thanks again gunter

                            • 11. Re: change default kt_userID
                              Günter Schenk Level 4

                              deansy55 wrote:

                               

                              just though it would be a better idea to change the length of the random password sent to security that is all.

                              You will have to modify some code in the file "includes/tng/triggers/tNG_defTrigg.inc.php":

                               

                              1. the function Trigger_Registration_CheckPassword(&$tNG)

                               

                              change the line

                               

                              $password = tNG_generateRandomString(6);

                               

                              to, say,

                               

                              $password = tNG_generateRandomString(12);

                               

                               

                              2. the function Trigger_ForgotPassword_CheckEmail(&$tNG)

                               

                              change the line

                               

                              $tNG->kt_login_password = tNG_generateRandomString(6);

                               

                              to

                               

                              $tNG->kt_login_password = tNG_generateRandomString(12);

                               

                               

                              I think this shoud be all there is to do for having ADDT generate a 12-chars random password. Not tested though, so please backup the file first ;-)

                               

                              is there a way to check the email address is not a duplicate in an update users profile?

                              Just apply ADDT´s "check unique" server behaviour to the email field.

                               

                              Cheers,

                              Günter

                              1 person found this helpful
                              • 12. Re: change default kt_userID
                                Level 1

                                thanks again gunter.

                                 

                                i just wanted to change that as what i currently use generates a password that you can decide the length.

                                 

                                thanks again and thank you for the check email tip. exactly what i need.