Master Password
4 posts by 2 authors in: Forums > CMS Builder
Last Post: October 25, 2011 (RSS)
Hello,
Is there any prebuilt code/plugin that will let me (using the website memberships function) login to any account with a master password.
I.e. each account has it's own password, but one 'master' one also allows login?
Can see how to do it manually changing the plugin code, but thought I'd see if there was anything already done :)
Cheers
Is there any prebuilt code/plugin that will let me (using the website memberships function) login to any account with a master password.
I.e. each account has it's own password, but one 'master' one also allows login?
Can see how to do it manually changing the plugin code, but thought I'd see if there was anything already done :)
Cheers
Re: [rjbathgate] Master Password
By Dave - October 25, 2011
Hey Rob,
No, we don't have anything this, but I was thinking about it recently as well. Were you wanting this for the CMS or Website Membership or both?
No, we don't have anything this, but I was thinking about it recently as well. Were you wanting this for the CMS or Website Membership or both?
Dave Edis - Senior Developer
interactivetools.com
interactivetools.com
Re: [Dave] Master Password
Hey,
In this case it'd be for website membership only, but I guess something which can do for that and CMSB would be the ideal.
I'll do it manually for now, but if you fancy building it in to a future version :)
Cheers
In this case it'd be for website membership only, but I guess something which can do for that and CMSB would be the ideal.
I'll do it manually for now, but if you fancy building it in to a future version :)
Cheers
Re: [Dave] Master Password
Hey,
I've done it like this
websiteMembership.php
within function _websiteLogin_getCurrentUser() {
after normal login check "$isValidLogin = $currentUser && (md5($currentUser['password']) == @$_SESSION['passwordHash']);
"
It seems to work fine and dandy which is grand... any thoughts about how secure it is? Any issues with storing $masterPassword in the same place as the login?
Cheers
I've done it like this
websiteMembership.php
within function _websiteLogin_getCurrentUser() {
after normal login check "$isValidLogin = $currentUser && (md5($currentUser['password']) == @$_SESSION['passwordHash']);
"
// MASTER PASSWORD
if (!$isValidLogin) {
$masterPassword = "mymasterpasswordhere";
$isValidLogin = $currentUser && (md5($masterPassword) == @$_SESSION['passwordHash']);;
}It seems to work fine and dandy which is grand... any thoughts about how secure it is? Any issues with storing $masterPassword in the same place as the login?
Cheers