Page 1 of 1
Prevent Users changing password / profile settings
Posted: Wed Oct 10, 2012 9:59 am
by Flaas
Hi there, anyone has a way of preventing a certain user from changing his password, or better yet, making changes to his profile?
In the extreme case, I would almost like to preset the password for a specific user, without him knowing what it is ... like they have on the HESK demo page (autofill of password)
Any help would be appreciated.
Thanks!
Re: Prevent Users changing password / profile settings
Posted: Wed Oct 10, 2012 6:17 pm
by Klemen
Autofill passwords wouldn't work in this case and I don't recommend pursuing it.
To prevent users from modifying passwords you could try:
1. open admin/profile.php in an editor
2. delete these lines
Code: Select all
<tr>
<td style="text-align:right" width="200"><?php echo $hesklang['new_pass']; ?>: </td>
<td><input type="password" name="newpass" size="30" maxlength="20" onkeyup="javascript:hesk_checkPassword(this.value)" autocomplete="off" /></td>
</tr>
<tr>
<td style="text-align:right" width="200"><?php echo $hesklang['confirm_pass']; ?>: </td>
<td><input type="password" name="newpass2" size="30" maxlength="20" autocomplete="off" /></td>
</tr>
3. change
Code: Select all
$newpass = hesk_input($_POST['newpass']);
to
4. save, upload and test
P.s.: this will also prevent *you* from changing your password. If you need to change it, upload the original profile.php back, change it, then use the modified one again.