Improvements (& a little bug fix) on renewal password

Third party plugins, patches, bugfixes
Post Reply
User avatar
lasernic
Newbie
Posts: 5
Joined: Tue Oct 07, 2014 11:15 am
Version: forma.lms 1.2

Improvements (& a little bug fix) on renewal password

Post by lasernic »

Hi everyone,

During my personal experience in installing and customizing the platform in order to satisfy my customers's requests, I often realize that the renewal password mechanism implemented in the LMS lacks an important (from my point of view) feature: the possibility to configure the renewal procedure in such a manner that it is blocking. As a matter of fact the current version of FormaLms (and the older ones) has a few parameter used for customize this behaviour: you can enable it, disable it, set a password expiration date, etc. In any case, when a certain user logged in and has its password expired the platform firts of all shows the renewal password section: despite of the need of renewal password the user can completely ignore the request and bypass the procedure by perform some other action, such as going to the Certificate Page.

So, what if the you need to impose the password renewal on the user?

Here comes my (little) effort to implement this feature. This patch add one new configuration parameter by which administators can decide to transform the renewal password procedure in a blocking or a non blocking one.

So, please find my patch in the zip file in attachment. Here is the structure of the archive:

- formaLms/
---->lib/
------>lib.aclmanager.php
---->appLms/
------>lib/
-------->lib.preoperaion.php
- renewalpassword-blocking.sql

Follow these steps to "install" it:

1. Unzip the archive
2. Import the file renewalpassword-blocking.sql on the database of your FormaLms installation
3. Copy and paste the entire content of the folder formaLms that you find in the unzipped archive inside the root directory of your formalms project.
4. Enjoy it, configuring properly in the administration panel (Main > Configurations > Configurations > User).

As you can see only a few files are changed. You can easily find the changes inside the code looking for my name inside the code.

Hope this can be helpful to the community!

p.s. The little bug fix mentioned in the subject refers to a very little adjustment inside lib.aclmanager.php: without it the function responsible for fetching some important user fields from the DB would fetch less fields than required. In particular the original query doesn't fetch "force_change" field from the user's record, making the renewal procedure completely unreachuble by the system (no one could even simply see the password renewal section).
Attachments
renewalpassword-blocking.zip
(22.12 KiB) Downloaded 267 times
Last edited by lasernic on Thu Nov 06, 2014 8:55 am, edited 2 times in total.
Saluti.

Nicola Laserra
--------------------------------
PHP Developer
Elma Informatica - http://www.elmainformatica.it
Via Vitruvio 38, Milano
User avatar
max
FormaLms Guru
Posts: 2735
Joined: Thu Mar 01, 2012 10:41 am
Version: forma.lms 2.4
Contact:

Re: Improvements (& a little bug fix) on renewal password

Post by max »

Ciao Nicola,

grazie per il prezioso contributo, è una feature importante. Come già fatto in altre occasioni, testiamo al più presto il tuo fix e lo includiamo senz'altro nella prima release disponibile. Ne sta uscendo una a giorni, per cui il tuo fix passerà verosimilmente alla prossima.
---------------------
Massimiliano Ferrari
Elearnit - Elearning e Knowledge Management
https://www.elearnit.net
https://www.linkedin.com/in/massimilianoferrari
m.ferrari[at]elearnit.net
Skype: m_ferrari_it
User avatar
alberto
FormaLms Guru
Posts: 1134
Joined: Fri Mar 02, 2012 9:18 am
Contact:

Re: Improvements (& a little bug fix) on renewal password

Post by alberto »

Hi Nicola, thanks for sharing your solution. We tested it and choose a different way to fix the issue, anyway in the upcoming release it will be fixed. We preferred not to add the option to make it blocking or not, and leave it only blocking to keep it simple and secure.
User avatar
lasernic
Newbie
Posts: 5
Joined: Tue Oct 07, 2014 11:15 am
Version: forma.lms 1.2

Re: Improvements (& a little bug fix) on renewal password

Post by lasernic »

Hi Alberto,

Perfect, no problem!
At the time of the implementation I chose for the less intrusive solution, avoiding to completely change that functionality.
In any case, I agree with you in leaving renewal password only blocking: it is simple, secure, and also...logic! :)
Saluti.

Nicola Laserra
--------------------------------
PHP Developer
Elma Informatica - http://www.elmainformatica.it
Via Vitruvio 38, Milano
Post Reply