08-21-2017, 12:13 PM
Yeah. It was just a button that was going to force everyone to change their passwords. Primarily for either a DB breach or for users upgrading from UserCake. Two thoughts on it.
1. It probably needs to be in the users table. It needs to foreach through the users and put a 1 in the reset column.
2. Then, my thought is that there needs to be 2 ways to use it.
a. Generic password reset where people need to use their old password but upon login, they're redirected to reset their password.
b. (Such as the case with UserCake). It foreaches through the database and encrypts a random hash for their password so the only way they can login again is through the "forgot password" link. This would be useful if we change encryption algorithms etc.
1. It probably needs to be in the users table. It needs to foreach through the users and put a 1 in the reset column.
2. Then, my thought is that there needs to be 2 ways to use it.
a. Generic password reset where people need to use their old password but upon login, they're redirected to reset their password.
b. (Such as the case with UserCake). It foreaches through the database and encrypts a random hash for their password so the only way they can login again is through the "forgot password" link. This would be useful if we change encryption algorithms etc.