[SOLVED] Alter the generated password

Ok I tried setting up the AutoAction as instructed and it has absolutely no effect on the password. I used $variables["var1"]->setRandomPassword(6); as the code and I have checked the autoaction a few times and I still get the a 12 character password. I found the original function setRandomPassword and hacking does have the desired effect so I can't understand why overriding doesn't. I have also put the auto action in debug mode and checked and double checked whether everything was published and set as reference. Nothing shows up. Could I be using the wrong trigger?

Be sure Reference Variables is configured or it won't be able to modify the user object by reference. This won't do anything for backend through as it's strictly for frontend so be sure you're testing on frontend only. If you want it to also apply to backend you need to add the onBeforeNewUser trigger as well.

I have configured variable 1 as reference in the parameters tab of the auto action. In the action tab I have this code:

$variables->setRandomPassword(6);
$hashedPassword = $variables->hashAndSaltPassword($variables->password );
$variables->password = $hashedPassword;
$variables->store();

with PHP selected

That's not the code that was provided. See my reply below.

www.joomlapolis.com/forum/255-developer-members-support/239506-alter-the-generated-password?limitstart=0#306684

That trigger does not require hashing since the hashing happens after that trigger. Store also is not necessary as it will interrupt the registration process and store will happen after the trigger. You should only need to use the below for the code.


$variables is just an array of variables sent by the trigger. var1 is the user object being registered for that trigger.

When testing enable debug mode and maximum error reporting in Joomla global configuration then also enable Debug within your auto action under Parameters. This should ensure if an error does happen it'll be displayed. If your server does not allow create_function or eval you won't be able to pass variables by reference.

Hi krileon

I actually started with that code that you provided in the previous answer and it has no effect on the password neither does any of the code I have tried. I checked if I forgot to publish the auto action and if the access level was everybody and everything seems to be correct but nothing. I have just tested again with the only the code:


and there is no change here is the email with the password;

[REMOVED]

Please do not most login credentials here as they are publicly visible forums. Are you testing this on frontend or backend? What you're wanting to do may just simply not be doable without modifying the core code. The password gets regenerated at time of confirmation if confirmation is enabled for example where this code won't impact so it'd be generated with 12 characters again.

With that said I still do not recommend halfing the security of passwords. The recommend secure length for a password is 12 characters (or more). As it's randomly generated it's gibberish regardless of how long it is.