Good morning, I recently started using xoop and i love it, many thanks to the devs.

I have recently started the development of an new site, and allowed 2 beta users in. Both registerd, i approved their accounts. However they were unable to login... Long story short i trouble shooted the problem and ended up looking at the prefix_user table(prefix being the dynamic entry which you type in at setup). In the "pass" field their passwords were there however in clear text.

I did the following work around...

A) I logged into one of the accounts,
B) hit change password copy and pasted the clear text password into the fields and hit submit.
C) Checked the table and it had hashed the persons password

My own personal morals disagree with knowing other peoples passwords.. I already sent my two buddies a notice to change their passwords on the site. Also i dont feel like doing it for every single person who will be coming to my site ;)

But am i missing something? or an option? my forum searches on here have been fruitless. I turned the different levels of logging on btu didnt see anything that stuck out..

-DC0-1

xoops 2.1 isn't stable and that's a known problem as it's still an alpha version..

if you want to be able to use it properly, then you should use the stable release 2.0.10 instead of 2.1

also you must note: the stable release uses md5 encryption for passwords, so no need to worry about that..

xoops 2.1 has problems and as said, it's an alpha version and is nowhere near suitable or ready for a production environment..