How to modify dolphin login to accept only Email and Password

I wanted to modify my dolphin to only accept email and password for login. No username or member ID number.

 

I was told to do the following:

 

Hello open the - inc/admin.inc.php

find this function there:

function getID( $str, $with_email = 1 ) {
    if ( $with_email ) {
        if ( eregi("^[_.0-9a-z-]+@([0-9a-z][0-9a-z-]+.)+[a-z]{2,4}$", $str) ) {
            $str = process_db_input($str);
            $mail_arr = db_arr( "SELECT `ID` FROM `Profiles` WHERE `Email` = '$str'" );
            if ( (int)$mail_arr['ID'] ) {
                return (int)$mail_arr['ID'];
            }
        }
    }

    $str = process_db_input($str);
    $iID = (int)db_value( "SELECT `ID` FROM `Profiles` WHERE `NickName` = '$str'" );
   
    if(!$iID) {
        $aProfile = getProfileInfo($str);
        $iID = isset($aProfile['ID']) ? $aProfile['ID'] : 0;
    }
    return $iID;
}

 

and replace with :

function getID($str) {
    $str = process_db_input($str);
    $aItem = db_arr( "SELECT `ID` FROM `Profiles` WHERE `Email` = '$str' OR `ID` = '$str' LIMIT 1" );
    if ( (int)$aItem['ID'] ) {
        return (int)$aItem['ID'];
    }
}

 

 

 

-------------------------------------------------------------------------------------

 

The problem with this modification is that it caused profiles to not be viewable. It would error out with something like "this profile is not available for viewing". I was then able to load profiles using userID number instead of the permalink URL.

So the modification listed above appeared to have messed up permalinks for only profiles. Everything else worked fine. Alex T had logged in and identified the modification of getID as the cause of the problem. So the modification was reversed.

Does anyone know of a way to modify dolphin so that the login accepts only email and password, while not messing up anything else?

Quote · 12 Jul 2011

This post seems to be old but this is perfectly valid today. Does anyone have a solution for this? I would like to implement this to improve security.

Quote · 17 Mar 2014

Could you explain how this improves security?

Quote · 17 Mar 2014

When Dolphin is installed, admin had ID# 1. So, there is an advantage there for malicious people, where they only have to figure out the password. But having only emails in that field, makes the breaking task more difficult. I'm new to Dolphin, but when i knew I can put 1 and my password, I freaked out. Frown

Quote · 17 Mar 2014

try this

edit member.php on line around 364

$oZ = new BxDolAlerts('profile', 'before_login', 0, 0, array('login' => $member['ID'], 'password' => $member['Password'], 'ip' => getVisitorIP()));
$oZ->alert();

add this just after this ^

if(!filter_var($member['ID'], FILTER_VALIDATE_EMAIL)) {
    exit('Fail');
}

bah....of course i didn't tested. I am too lazy to do that.

so much to do....
Quote · 17 Mar 2014

Ok - I'll try it. Thanks.

Quote · 17 Mar 2014

WOW!!! This was perfect... Thank you so much. Cool

Quote · 17 Mar 2014

 

When Dolphin is installed, admin had ID# 1. So, there is an advantage there for malicious people, where they only have to figure out the password. But having only emails in that field, makes the breaking task more difficult. I'm new to Dolphin, but when i knew I can put 1 and my password, I freaked out. Frown

 Nice catch on that one, I never realized that, always used username to login.

 

But, not to hijack or anything - does anyone know of a way to restrict using the member id and forcing username or email only?

caredesign.net
Quote · 17 Mar 2014

if(is_numeric($member['ID'])) {
    exit('Fail');
}

so much to do....
Quote · 17 Mar 2014

User number 1 does not have to be an admin.  My admin account is not member 1.

Geeks, making the world a better place
Quote · 18 Mar 2014

 thanks, but I had to remove the ! - or it was saying to only accept numerical values - but again, thanks, cause without your help I would have never figured it out on my own.

if(is_numeric($member['ID'])) {
    exit('Fail');
}

 

caredesign.net
Quote · 18 Mar 2014

 

 thanks, but I had to remove the ! - or it was saying to only accept numerical values - but again, thanks, cause without your help I would have never figured it out on my own.

if(is_numeric($member['ID'])) {
    exit('Fail');
}

 

 er....my bad...someone edit the post please and remove the ! for future readers. Thanks

so much to do....
Quote · 18 Mar 2014

Edit done..

Quote · 18 Mar 2014

 

Edit done..

 thanks

so much to do....
Quote · 18 Mar 2014

 Very nice, but I'm struggling to change the "Username" caption above the input field at the login form. Could you enlight me about?

try this

edit member.php on line around 364

$oZ = new BxDolAlerts('profile', 'before_login', 0, 0, array('login' => $member['ID'], 'password' => $member['Password'], 'ip' => getVisitorIP()));
$oZ->alert();

add this just after this ^

if(!filter_var($member['ID'], FILTER_VALIDATE_EMAIL)) {
    exit('Fail');
}

bah....of course i didn't tested. I am too lazy to do that.

 

Quote · 28 Sep 2015

 

I'm struggling to change the "Username" caption

 Edit this key "_NickName" is for the login popup.

 

yoursite.com/administration/lang_file.php?&filter=_NickName

 

ManOfTeal.COM a Proud UNA site, four years running strong!
Quote · 28 Sep 2015

 Thank you, newton27! I've created a new key and changed the source code, as I don't know where the key "_Nickname" is used. My fault was to change the lang-en.php directly, I think. How to make the system "recompile" key definitions in this file? Using the administration console to add the lang key was fine.

 

I'm struggling to change the "Username" caption

 Edit this key "_NickName" is for the login popup.

 

yoursite.com/administration/lang_file.php?&filter=_NickName

 

 

Quote · 30 Sep 2015

 A deep find answered me :-)

Back to standard!

 Thank you, newton27! I've created a new key and changed the source code, as I don't know where the key "_Nickname" is used. My fault was to change the lang-en.php directly, I think. How to make the system "recompile" key definitions in this file? Using the administration console to add the lang key was fine.

 

I'm struggling to change the "Username" caption

 Edit this key "_NickName" is for the login popup.

 

yoursite.com/administration/lang_file.php?&filter=_NickName

 

 

 

Quote · 1 Oct 2015

Old thread but seems relevant to ask for updated insight. Can't I just remove the "nickname" from the join form fields builder entirely. By that I mean can a member sign up and complete it having never seen or filling out the nickname (aka user name) field.

 

I noticed the login allows both user name or email (or user ID apparently which I've never seen anyone use). But again if the member never completes the user name will all be fine or do you need to make som code changes

 

Thanks for the wisdom and insight in advance.

Quote · 23 Mar 2017

To partially answer my own question -- I removed nickname (username) completely from the join forms. Then did a new sign-up and everything worked beautifully. So in the joining process no snags.

 

Anyone no of any irreparable harm I may inadvertently be doing to the space and time continuum accomplishing this change in such an easy way? Laughing

Quote · 23 Mar 2017

I'm running Dolphin pro and i had to keep the ! in the code. Works like a charm. Ty guys

Quote · 26 Mar 2017

Obviously the code tweaks offered here don't apply to dolphin 7.3

 

anyone in the know please post an update so I can make it so login is ONLY the registered email -- not an ID or username.

 

Thanks.

Quote · 24 Apr 2017

any update on this as i would like to use email only as well

Quote · 7 Oct 2017

I can confirm that this still works in 7.3.5 (yes there are some of us still out there hanging in!).

Quote · 10d ago

 

I can confirm that this still works in 7.3.5 (yes there are some of us still out there hanging in!).

 Eventually I plan on moving to Cheetah; it will be Dolphin ++.

Geeks, making the world a better place
Quote · 10d ago
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.