Hello!

I searched the forums and hack database for this, but couldn't find anything of this sort.

Is anybody willing to write some sort of a script to issue new passwords to all of the Member's of a vB Board? I'm in the process of transfering a Snitz board to vB and I need something like this. :)

Is anybody up to it?

Thanks!

Cary, done!
Contact me on IRC

At the moment it integrates with the normal email.php script from vBulletin. So you can select on user, usertitle, usergroup, join date, visit date, etc - just as normal.

It has sparkz script integrated to also email users who have set to ignore admin emails - so you are sure every member get it.

It automaticly generates a new password and you can just add it to the email as

Your new password is: $newpassword

And you can select to do this, or not. So you can still use email.php as normal.

You can also select to display the new password while sending the emails, so you can have a copy yourself, for either debug reasons, or to help users who didn't receive the email or whatever.

You can also select 'test' and set to enforce new pass and echo out, but it won't send the email and it won't actually set a new password. So you can normal test email and newpass test email.

Credits will be given to sparkz for the admin_email_enforcer and to erwin for the random_generator_code and to me for realizing it and integrating it with vbulletin and sparkz hack and making it work with version 2.3.0 of vbulletin and because i just wanted to pat myself on the back because it only took me a very short time to make it (to my suprise)

Here is what I use:

screenshot

Our hacks are close logician,
I will release mine in a second, I am still writing the installation instructions.

<a href="https://www.vbulletin.org/hacks/index.php?s=&action=showhack&hackid=1143" target="_blank">http://www.vbulletin.org/hacks/index...ck&hackid=1143</a>

Done.

hmm, the easiest way would be to run this query:
UPDATE user SET password='' WHERE userid!=1

then every password is emtied and everyone has to use passwordrecovery.
It's not that nice than your scripts, but it does what needed ;)

Today at 07:54 PM Xenon said this in Post #7 (https://vborg.vbsupport.ru/showthread.php?postid=381493#post381493)
hmm, the easiest way would be to run this query:
UPDATE user SET password='' WHERE userid!=1

then every password is emtied and everyone has to use passwordrecovery.
It's not that nice than your scripts, but it does what needed ;)
hehe of course.. I thought about saying the same thing before posting the hack but well since the requester is a vb team member, I thought I dont need to remind this :)

How about security breach ?

Thank you very much xiphoid! I owe you. :)

Today at 08:17 PM xiphoid said this in Post #9 (https://vborg.vbsupport.ru/showthread.php?postid=381512#post381512)
How about security breach ?
There is no security breach because Stefan's code does not MD5 the "blank" password where vbulletin MD5s the entered passwords.

So even if you assign a blank password to all users, they wont be able to login by entering "blank" as password. They need to enter a password whose MD5'ed form is blank and there is no such password available.

So this is as secure as a "rock".. As a matter of fact so secure that nobody can login even if they know the password ;)

Here is what I use:

That's one helluva hack, but when I tried to squeeze into 3.6.3, it didn't fit - Too much of email.php has changed ...

Can it be adapted for 3.6.3? I could sure use something like that to reduce the email traffic of users getting frustrated with the "lostpw" process ...