This hack will force to change the password on first access.
Go to
include/checklogin.phpIn the line 63:
$user->setVar('last_login', time());
Change to:
$last_login=$user->getVar('last_login');
$user->setVar('last_login', time());
Go to line 85:
// Set cookie for rememberme
if (!empty($xoopsConfig['usercookie'])) {
if (!empty($_POST["rememberme"])) {
setcookie($xoopsConfig['usercookie'], $_SESSION['xoopsUserId'] . '-' . md5($user->getVar('pass') . XOOPS_DB_NAME . XOOPS_DB_PASS . XOOPS_DB_PREFIX), time() + 31536000, '/', XOOPS_COOKIE_DOMAIN, 0);
} else {
setcookie($xoopsConfig['usercookie'], 0, -1, '/', XOOPS_COOKIE_DOMAIN, 0);
}
}
Chage to:
// Set cookie for rememberme
if (!empty($xoopsConfig['usercookie'])) {
if (!empty($_POST["rememberme"])) {
setcookie($xoopsConfig['usercookie'], $_SESSION['xoopsUserId'] . '-' . md5($user->getVar('pass') . XOOPS_DB_NAME . XOOPS_DB_PASS . XOOPS_DB_PREFIX), time() + 31536000, '/', XOOPS_COOKIE_DOMAIN, 0);
} else {
setcookie($xoopsConfig['usercookie'], 0, -1, '/', XOOPS_COOKIE_DOMAIN, 0);
}
}
if ($last_login == 0) {
redirect_header(XOOPS_URL.'/modules/profile/changepass.php', 5, 'Please, change your password!');
}
Note: It makes the User is redirected to change password on first login, if he quit without changing the screen no longer appears.
I hope you understand my bad English.
Font.:
http://bit.ly/NRwJR7
