When I test the change password or forgot my password the email comes through fine. When I click on the link in the email I get an error: Fatal error: Call to a member function data() on a non-object in /home/bandit/public_html/member/library/Am/Auth/User.php on line 127 Any suggestions?
First, such question are better to ask here: http://bt.amember.com/ However, the problem you are describing, is already resolved. Please download updated build from members area, overwrite your install, and run yoursite.com/amember/admin-upgrade-db
Alex Is there a simple way to check build version of the downloads as filenames are the same presumably?
I don't see a place to download the new release in the members area. I only have access to v3.3.0 Beta. In this directory http://bt.amember.com/projects/am4/files there is nothing to download. Can you give me the url to download?
Sorry, just added access to your account. http://www.amember.com/amember/member.php On next week (that is final date!) v4 will be available for all customers with active support/updates subscription. We are finishing new site and we will move soon.
Can anyone please explain how the password is sent to the end user? If I try to include it in the signup email it comes in as a string and not their password: $P$BFMbDh23dk/JakqAkSA.eU1eI6EYRA0 I'd like the welcome email to have their username/password just like in V3. I can see either not having the password or not being able to choose their password during registration as being a big draw on customer support. Thanks for any feedback on this.
Darren, I am not sure why, but I noticed if you use the supplied registration email template the plain password is sent. However is you use the password variable on other email templates it sends the long character string. I also noticed there are two password variables "%user.pass%" and "%password%". Maybe that has something to do with it? I am not sure if I helped much, just wanted to pass on what I noticed about passwords.
Plain-text password is only known at time of user registration (aMember CP -> Setup -> Send Registration E-Mail) and is available as %password%. That was main security problem of aMember v3 that password was store in plain-text format. Now passwords stored as hashes and it is simply impossible to access. That is normal. Look at any modern website - they cannot send you the password you set, they can only reset it for you.
For my business, we have to manually enter the password into 2 other programs for everything to work properly. Is possible for the admin to retrieve the original password?
You can enable plain-text password storage. Will you be integrating with other programs using aMember Pro plugins? http://www.amember.com/docs/API/Protect If so, you can return SavedPassTable:ASSWORD_PLAIN from getPasswordFormat() method of the plugin, then plain-text passwords will be stored to am_saved_pass table linked to user_id.
Thanks for the response Alex. I'll have to look into this a bit further to figure it out. Might have another question or two in the future.
Hi there.. I notice in the documentation there is a checkbox to enable/disable MD5 passwords. I don't see it in my admin area? Did the latest update remove it? http://www.amember.com/docs/Setup/Advanced Any info will be greatly appreciated!
It is now disabled completely, as it is not much different from storing passwords in plain-text. If an integration plugin needs passwords in MD5 format, it is still possible to enable.