Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Help Groups for Snitz Forums 2000 Users
 Help: General / Current Version (Old)
 Admin - Forgotten Password		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

tveith
Starting Member

32 Posts
Posted - 04 June 2001 :  17:50:51  Show Profile
Just curious...but when I log in as a different user and click "Forgot your Password", why am I able to enter the name "Admin" and the Administrator's email address and receive the Administrator's password? Isn't this a security issue?

Is there a way to ensure the Admin's password is NOT available to a potential hacker?

Thanks!

redbrad0
Advanced Member

USA
3725 Posts
Posted - 04 June 2001 :  17:55:05  Show Profile  Visit redbrad0's Homepage  Send redbrad0 an AOL message
are you reading the email that is given to you? is your email address the same as the admin's?

if your email address is the same as the admin's, then it will send it to you, otherwise i beleiev that it sends you an email saying you inputed the wrong info

Brad
Go to Top of Page

tveith
Starting Member

32 Posts
Posted - 04 June 2001 :  18:00:26  Show Profile
quote:

are you reading the email that is given to you? is your email address the same as the admin's?

if your email address is the same as the admin's, then it will send it to you, otherwise i beleiev that it sends you an email saying you inputed the wrong info

Brad


Is there a way to turn this off completely? I don't want the Admin's password sent to anybody, including the Administrator.
Go to Top of Page

redbrad0
Advanced Member

USA
3725 Posts
Posted - 04 June 2001 :  18:06:06  Show Profile  Visit redbrad0's Homepage  Send redbrad0 an AOL message
just open pop_pword.asp and do this....


	if (lcase(Request.Form("Name")) = lcase("admin")) then 
		Err_Msg = Err_Msg & "<li>Sorry you can not ask for this password</li>"
	end if


this piece of code should go right below..

if Request.QueryString("mode") = "DoIt" then
	Err_Msg = ""


Brad
Go to Top of Page

tveith
Starting Member

32 Posts
Posted - 04 June 2001 :  18:20:08  Show Profile
quote:

just open pop_pword.asp and do this....


	if (lcase(Request.Form("Name")) = lcase("admin")) then 
		Err_Msg = Err_Msg & "<li>Sorry you can not ask for this password</li>"
	end if


this piece of code should go right below..

if Request.QueryString("mode") = "DoIt" then
	Err_Msg = ""


Brad


Worked like a charm! Thanks very much for your help!
Go to Top of Page

redbrad0
Advanced Member

USA
3725 Posts
Posted - 04 June 2001 :  18:24:39  Show Profile  Visit redbrad0's Homepage  Send redbrad0 an AOL message
no problem

Brad
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.3 seconds. Powered By: Snitz Forums 2000 Version 3.4.07