7
a little storm in my brain
thought 1: I was thinking you could use the hacked version of the gijoe auto-login hack
This will enable the users to login with their old email en pass (but this doesn't solve your pass problem
)
https://xoops.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=29338&forum=14http://xoops.biz/dist/my_autologin_for_xoops-2.0.9.x.zipthought 2: how do other sites do it ... big companies like hotmail use mostly a secret question field in the registration form..."What's the name of your pet" (of course this does not solve your problem for the old users)
thought 3: extend the user.php file, allowing the user to fill up the old email, username, new email adress, and other info entered when initially registered, IE location, age, ... You should use this information to match the profile,
-problem1: the registration process of XOOPS is a two pass process, and filling up the additional userinfo is not mandatory, there are some documents explaining how to achieve this behaviour)
-problem2: still a big security risk, the additional info (birthday, location, ...) is sometimes easy to find on other sites ...
conclusion: users should not forget their password and use the hacked autologin hack, or should not change email addresses like changing underwear
