Jump to content

How do you change the a users password without using email?


Web Host Pro

Recommended Posts

I'm sure this has been said here, probably by me. And probably ignored. But how do you reset a customer's password without using email again? Unless it's your first day on the interweb you know email is not reliable and people lose their emails. So there has to be another way. Obviously it should be an option for admins to do but I don't see the option for this still. I searched for it and the community search could not find a thread for it which is add weird and not allowing an admin to do this from WHMCS.

Link to comment
Share on other sites

They removed admins ability to do password resets, for "security reasons". Personally I think something broke when they implemented the user/owner/contact scheme and aren't willing to tear it back apart to fix it. Other than editing in the database, I don't know of a method to change one any longer. 

Link to comment
Share on other sites

You can do the following to set a specific password for a user:

<?php
require 'init.php';

use WHMCS\User\User;

$password = '!myStr0ngpAssword$'; // Set the new password
$newPasswordHash = password_hash($password, PASSWORD_BCRYPT); // Hash the password

$user = User::find(1); // The ID of the user
$user->password = $newPasswordHash;
$user->save();

It actually shouldn't be too big of a deal creating  a module that does exactly this to be done from the admin area. Doesn't even need to be a module, could simply be a hook.

Link to comment
Share on other sites

  • 1 month later...
  • 1 month later...
  • 5 months later...
Error: ParseError: syntax error, unexpected 'string' (T_STRING), expecting function (T_FUNCTION) or const (T_CONST) in /home/hostmail/public_html/clients/modules/addons/PasswordChange/lib/PasswordGenerator.php:10 Stack trace: #0 [internal function]: WHMCS\Module\Autoloader->moduleClassLoader('WHMCS\\Module\\Ad...') #1 /home/hostmail/public_html/clients/modules/addons/PasswordChange/lib/Admin/Controller.php(32): spl_autoload_call('WHMCS\\Module\\Ad...') #2 /home/hostmail/public_html/clients/modules/addons/PasswordChange/lib/Admin/AdminDispatcher.php(18): WHMCS\Module\Addon\PasswordChange\Admin\Controller->changePassword(Array) #3 /home/hostmail/public_html/clients/modules/addons/PasswordChange/PasswordChange.php(65): WHMCS\Module\Addon\PasswordChange\Admin\AdminDispatcher->dispatch('changePassword', Array) #4 /home/hostmail/public_html/clients/shank/addonmodules.php(0): PasswordChange_output(Array) #5 {main}
Link to comment
Share on other sites

1 hour ago, Dkuzik said:

for that hook i am not sure probably for older whmcs and php versions.

I would personally use WGS or another paid service $25 and under. Inexpensive.

If you want Lees module see attached.

clientpassword.tar.gz 14.22 kB · 1 download

Older version and had some bugs so took it down, but feel free to use it/expand on it 🙂 

Link to comment
Share on other sites

  • 9 months later...
  • 3 months later...

Running into something weird with this. I have a new user account that I set up for a client. They can't log in. I go to the login page and I can't log in either. They request a password reset, the email never arrives. I set up a new test account and everything works just fine. 

So, I go to the `tblusers` table in the database and I look at the hash for the test account's password, then copy/paste it into the password field for the problematic user's account. It doesn't work. 

I run a BCRYPT encryption on the desired password to generate a hash, then copy/paste that into the password field for the problematic user's account. It doesn't work. 

Again, every other user account seems to be working. Is there some sort of unique per-user salt on the password encryption that would prevent a direct copy/paste from a password field that's known to the problematic one? 

Or is something weirder going on?  

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated