User emails and auto-generated passwords

If you aren't speaking german, you can ask for support or post your request here.
Beiträge: 9
Registriert: 2. Aug 2023, 22:11

User emails and auto-generated passwords

Beitrag von robinson_pj_ssea »

I now understand how to bulk import user profiles (including a password) and have carried out a few tests, both in an 'online' test version and an offline version in a webserver on my PC. Thank you for all that explanation in a previous topic thread.

My understanding of our membership system is that we will be bulk uploading user data for our society once a year (around September) on renewals and new members from an Excel spreadsheet. As it's possible to upload a password for each user, it also makes sense to create a temporary password at the same time. So, for instance in my case, I could have a password, say 'RobinPJ_231019', which is based on my name and the date the profile was created. That would also ensure that the passwords fit to the correct format. However, if we then send out an email to the users, those 'manually generated' passwords get deleted in favour of an autogenerated one. This is also the case when a user requests a password reset:
Hello Peter,

You are receiving your login data for membership website
Username: <my_user_name>
Password: <randomly_generated_password> and not 'RobinPJ_231019'

The password was generated automatically...

Although we are trying to achieve the same thing, if possible I would be interested to know how to stop the email from sending out the automatically generated random password. I understand that the members_function.php script plays a part in this, especially with parameter mode 4, and have tried to amend this but failed, getting instead only a blank space where the password should be:

* Parameters:
* mode: 1 - MsgBox explaining what effect the deletion has.
* 2 - remove user ONLY from the member community
* 3 - delete user from database
* 4 - send user e-mail with new access data

} elseif ($getMode === 4) {
// User must be member of this organization
// E-Mail support must be enabled
// Only administrators are allowed to send new login data or users who want to approve login data
if (isMember($user->getValue('usr_id'))
&& $gSettingsManager->getBool('system_notifications_enabled')
&& ($gCurrentUser->isAdministrator() || $gCurrentUser->approveUsers())) {
try {
//---- we don't want to create a new random password other than from when we
// import it from our bulk upload
// So REM these lines out
// // Generate new secure-random password and save it
// $password = SecurityUtils::getRandomString(PASSWORD_GEN_LENGTH, PASSWORD_GEN_CHARS);
// $user->setPassword($password);
// $user->save();

// Send mail with login data to user
$sysMail = new SystemMail($gDb);
$sysMail->addRecipientsByUserId((int) $user->getValue('usr_id'));
$sysMail->setVariable(1, $password);
$sysMail->sendSystemMail('SYSMAIL_NEW_PASSWORD', $user);
} catch (AdmException $e) {
// => EXIT

Ideally, it would be great if we could have another parameter mode:
* 7 - send user e-mail with access data using uploaded password

As I am not a confident PHP programmer,
1. is it possible to amend the code to use the bulk-uploaded password, and if so, what code would I need to add/change and in what files? Is there, for instance, a direct variable value that I can use that includes the password as it was when uploaded?
2. I note that when a user requests a new password, the email that is sent out is the same as that for the new user (ie 'Login data for <organisation> memberships'). Is it possible to set up an email that could welcome new users/renewed users to the organisation, and if so where is that template? I've looked through the help documentation and the list of files in the program and haven't been able to find the appropriate email template.

Thanks for your help (and from any other members of the forum)

Peter Robinson
SSEA webmaster