Go Back   vb.org Archive > vBulletin 4 Discussion > vB4 General Discussions
  #1  
Old 06-04-2010, 03:52 AM
Webbstre Webbstre is offline
 
Join Date: Nov 2009
Posts: 175
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default [REQUEST] Mass Password Reset for VB4

I've been searching around and can't find a way to do this anywhere in VB4, and there appear to be no mods as far as the search box has shown me. I am soon going to be launching my revamped website, finally having switched over from a crazy drupal/wordpress/phpbb3 installation to just use vBulletin. Once the site goes live I want to send out a welcome e-mail to all of my users, which also includes a password reset included with it.

If there are already ways to do this, I would appreciate being told how. If not, I'm sure a Mass Password reset mod would be quite useful, as I have seen requests for it on these boards leftover from VB3 and even VB2.
Reply With Quote
  #2  
Old 06-04-2010, 04:46 AM
Floris Floris is offline
 
Join Date: Jan 2002
Posts: 1,898
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

vBulletin does not allow you anymore to use a password that's the same as the username.

Run a manual query on the database to encode the pass to be like the username.

Then use the internal tool to diagnose for vulenarable passwords, it will find ALL users ..

then rewrite it to not show as vulnerable but as password reset email ..

and it generates the new pass for the user and emails them.

--------------- Added [DATE]1275630577[/DATE] at [TIME]1275630577[/TIME] ---------------

PHP Code:
<?php // made with help by ryan ashbrook, madmikeyb and chroder, 
// for floris at http://vbfans.com

die(); // uncomment this before using, and after editing this file.
require_once ( './global.php' );
$query $vbulletin->db->query_read "SELECT * FROM `" TABLE_PREFIX "user` WHERE usergroupid = 95" );
while ( 
$user $vbulletin->db->fetch_array $query ) )
{
    echo ( 
'<p>Updating user ' $user['username'] . '...' );
    
$vbulletin->db->query_write '
        UPDATE `' 
TABLE_PREFIX 'user`
        SET password = \'' 
md5 md5 $user['username']) . $user['salt'] ) . '\'
        WHERE userid = ' 
$user['userid'] . '
    ' 
);
    echo ( 
' done!</p>' );
}
?>
This is what I used on 3.8 forum to force the usergroupid 95 to have the same password as the username, so afterwards I could use the ' check for vulnerable pass ' feature built-in from vbulletin 3.8.

surely this works on 4.0 too.

BACK YOUR DB UP
put this in like 'forcepass.php' and put it in admincp/

edit the file to point to the usergroup,
add // in front of die();

and run it from the browser.

good luck
Reply With Quote
  #3  
Old 06-04-2010, 10:59 AM
Xencored Xencored is offline
 
Join Date: Sep 2008
Location: UK, Scuny
Posts: 1,337
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Floris View Post
vBulletin does not allow you anymore to use a password that's the same as the username.

Run a manual query on the database to encode the pass to be like the username.

Then use the internal tool to diagnose for vulenarable passwords, it will find ALL users ..

then rewrite it to not show as vulnerable but as password reset email ..

and it generates the new pass for the user and emails them.

--------------- Added [DATE]1275630577[/DATE] at [TIME]1275630577[/TIME] ---------------

PHP Code:
<?php // made with help by ryan ashbrook, madmikeyb and chroder, 
// for floris at http://vbfans.com

die(); // uncomment this before using, and after editing this file.
require_once ( './global.php' );
$query $vbulletin->db->query_read "SELECT * FROM `" TABLE_PREFIX "user` WHERE usergroupid = 95" );
while ( 
$user $vbulletin->db->fetch_array $query ) )
{
    echo ( 
'<p>Updating user ' $user['username'] . '...' );
    
$vbulletin->db->query_write '
        UPDATE `' 
TABLE_PREFIX 'user`
        SET password = \'' 
md5 md5 $user['username']) . $user['salt'] ) . '\'
        WHERE userid = ' 
$user['userid'] . '
    ' 
);
    echo ( 
' done!</p>' );
}
?>
This is what I used on 3.8 forum to force the usergroupid 95 to have the same password as the username, so afterwards I could use the ' check for vulnerable pass ' feature built-in from vbulletin 3.8.

surely this works on 4.0 too.

BACK YOUR DB UP
put this in like 'forcepass.php' and put it in admincp/

edit the file to point to the usergroup,
add // in front of die();

and run it from the browser.

good luck
Very nice Floris i will be bookmarking this page for sure thanks for the share :up:
Reply With Quote
  #4  
Old 06-05-2010, 03:33 AM
Webbstre Webbstre is offline
 
Join Date: Nov 2009
Posts: 175
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Thank you!
Reply With Quote
  #5  
Old 03-19-2012, 02:28 PM
babyv0x babyv0x is offline
 
Join Date: Jan 2012
Posts: 24
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

thank you so much !
Reply With Quote
  #6  
Old 01-24-2015, 09:02 AM
Skyrider Skyrider is offline
 
Join Date: Feb 2006
Location: Netherlands
Posts: 1,392
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Works nicely on primary usergroups, but I'm afraid doesn't work at all on users that are in a secondary group. (gives blank page).
Reply With Quote
  #7  
Old 01-24-2015, 09:08 AM
ozzy47's Avatar
ozzy47 ozzy47 is offline
 
Join Date: Jul 2009
Location: USA
Posts: 10,929
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Skyrider View Post
Works nicely on primary usergroups, but I'm afraid doesn't work at all on users that are in a secondary group. (gives blank page).
Perhaps read a article I wrote just over a ago, https://vborg.vbsupport.ru/showthread.php?t=303731
Reply With Quote
  #8  
Old 04-15-2015, 10:21 PM
adamnp adamnp is offline
 
Join Date: Dec 2007
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

anyone able to fix this to work for any usergroup in vb4? :P
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 05:04 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.06977 seconds
  • Memory Usage 2,240KB
  • Queries Executed 11 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_php
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (8)post_thanks_box
  • (8)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (8)post_thanks_postbit_info
  • (8)postbit
  • (8)postbit_onlinestatus
  • (8)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete