13 Jun
2008
13 Jun
'08
2:54 p.m.
Joe wrote:
Hi,
One small thing I notice is hat you have to go the the objects for resetting
a user's password (ie, when you're not the user and you're changing it for
them). Shouldn't this have an automatic temporary-password script behind
it?
Why? If the rights are correctly set, then only administrators should be able to change a
user's
password (except the user himself). If you're afraid that someone else could change a
password he
shouldn't be able to change, then either you didn't set the correct rights, or you
made an admin
somebody you don't trust.
Also, when setting a user's password manually
through the objects, I get a
big nasty database error.. followed by general odd behavior even if I
recreate the account. Is that expected?
No, that should never happen, and I've never seen it. Can you give us the exception?
--
Sergiu Dumitriu
http://purl.org/net/sergiu/