The Elearning Community • Improvements (& a little bug fix) on renewal password
Page 1 of 1

Improvements (& a little bug fix) on renewal password

Posted: Wed Nov 05, 2014 5:13 pm
by lasernic
Hi everyone,

During my personal experience in installing and customizing the platform in order to satisfy my customers's requests, I often realize that the renewal password mechanism implemented in the LMS lacks an important (from my point of view) feature: the possibility to configure the renewal procedure in such a manner that it is blocking. As a matter of fact the current version of FormaLms (and the older ones) has a few parameter used for customize this behaviour: you can enable it, disable it, set a password expiration date, etc. In any case, when a certain user logged in and has its password expired the platform firts of all shows the renewal password section: despite of the need of renewal password the user can completely ignore the request and bypass the procedure by perform some other action, such as going to the Certificate Page.

So, what if the you need to impose the password renewal on the user?

Here comes my (little) effort to implement this feature. This patch add one new configuration parameter by which administators can decide to transform the renewal password procedure in a blocking or a non blocking one.

So, please find my patch in the zip file in attachment. Here is the structure of the archive:

- formaLms/
- renewalpassword-blocking.sql

Follow these steps to "install" it:

1. Unzip the archive
2. Import the file renewalpassword-blocking.sql on the database of your FormaLms installation
3. Copy and paste the entire content of the folder formaLms that you find in the unzipped archive inside the root directory of your formalms project.
4. Enjoy it, configuring properly in the administration panel (Main > Configurations > Configurations > User).

As you can see only a few files are changed. You can easily find the changes inside the code looking for my name inside the code.

Hope this can be helpful to the community!

p.s. The little bug fix mentioned in the subject refers to a very little adjustment inside lib.aclmanager.php: without it the function responsible for fetching some important user fields from the DB would fetch less fields than required. In particular the original query doesn't fetch "force_change" field from the user's record, making the renewal procedure completely unreachuble by the system (no one could even simply see the password renewal section).

Re: Improvements (& a little bug fix) on renewal password

Posted: Wed Nov 05, 2014 5:44 pm
by max
Ciao Nicola,

grazie per il prezioso contributo, è una feature importante. Come già fatto in altre occasioni, testiamo al più presto il tuo fix e lo includiamo senz'altro nella prima release disponibile. Ne sta uscendo una a giorni, per cui il tuo fix passerà verosimilmente alla prossima.

Re: Improvements (& a little bug fix) on renewal password

Posted: Wed Feb 18, 2015 10:23 am
by alberto
Hi Nicola, thanks for sharing your solution. We tested it and choose a different way to fix the issue, anyway in the upcoming release it will be fixed. We preferred not to add the option to make it blocking or not, and leave it only blocking to keep it simple and secure.

Re: Improvements (& a little bug fix) on renewal password

Posted: Wed Feb 18, 2015 11:03 am
by lasernic
Hi Alberto,

Perfect, no problem!
At the time of the implementation I chose for the less intrusive solution, avoiding to completely change that functionality.
In any case, I agree with you in leaving renewal password only blocking: it is simple, secure, and also...logic! :)

This site uses cookies.

Some of the cookies we use are essential for parts of the site to operate and have already been set. We also use Google Analytics scripts, which all use cookies.
You may delete or block all cookies from this site in your browser options.