[support] Password stored in DB
sivaji j.g
sivaji2009 at gmail.com
Sun May 29 18:02:38 UTC 2011
On Sun, May 29, 2011 at 11:14 PM, Jamie Holly
<hovercrafter at earthlink.net> wrote:
> Honestly I would go a different route. Store an encrypted password
> (maybe mcrypt?) in the $user->data array. Once they are registered
> through the new service, delete out that setting in $user->data.
I agree.
I am rephrasing my previous reply. In your custom submit handler
capture the plain text password from $form_state['values']['pass'] and
just pass it external service, this way you can avoid storing plain
text password (or decrypting it). This may not be a best solution but
feasible IMO.
This would have been much easier to solve in OpenERP.
--
Sivaji
More information about the support
mailing list