websiteMembership question

By Dave - September 22, 2015

Hi Karlz, 

The 'loginSubmit' value is used by the CMSB login screen.

What if we updated it to this? 

// disallow logins with plaintext password hash
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : ''; 
if (in_array($action, ['login','loginSubmit']) && !empty($_REQUEST['password']) && $passwordHash && $_REQUEST['password'] == $passwordHash) {
  $passwordHash = '';   // blank out password
  loginCookie_remove();
}

Would that work for you? 

Dave Edis - Senior Developer
interactivetools.com

By ht1080z - September 27, 2015

Hi Dave,

I just lost the above script in the add-on and now i cannot find it..

Thanks anyway,
Karls.

By Dave - September 28, 2015

Hi Karz, Try searching for "loginSubmit" in /lib/login_functions.php.  

Dave Edis - Senior Developer
interactivetools.com