The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
#1
|
||||
|
||||
Attempting to Limit User Password Length Through PHP Plugins
Hey all,
I'm trying to make it so user passwords need to be at least 6 to 20 characters long. PHP Plugins: register_addmember_process PHP Code:
PHP Code:
If anyone could help me out and explain what needs to be done to actually obtain the length of the password inputted in the textfield, I'd appreciate it! Thanks, Mark |
#2
|
||||
|
||||
Wouldn't you check the register template and evaluate password1.value and password2.value?
|
#3
|
||||
|
||||
I want something that's not able to be changed by the user, meaning nothing in HTML/JS.
|
#4
|
|||
|
|||
I think your problem is that normally the user's browser hashes the password and clears the plain text password field. You can disable that by defining DISABLE_PASSWORD_CLEARING to 1, such as in your config.php or in a plugin:
Code:
define('DISABLE_PASSWORD_CLEARING', 1); or if you wanted you might be able to define it only for the registration and profile pages so that you still have that security feature for normal logins. |
#5
|
||||
|
||||
Quote:
|
#6
|
|||
|
|||
I don't think so. What it does is it keeps the password from being sent "in the clear". But it doesn't even really protect your forum because if someone were somehow monitoring communications between a users' browser and your forum they could just as easily intercept the hashed password and use it to log in. (but they wouldn't know what the original password was, which I think is the point).
|
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|