8

I have an client website with a special user name 'guest' that allows unauthorized users to login and register for events. But lately the password has been getting changed and it appears that it is being done at the login by requesting a password recovery/reset. That reset is done automatically and although it emails the temporary password to the ~manager~ of the guest account, it requires repeated resetting of the password back to its original and known value.

So, is is possible to prevent a password recovery/reset only when the user name is 'guest', specifically? Thus not affecting other authorized users from getting a reset when they have forgotten their password?

FYI: the last post I saw on this on drupal was 2005 ... nothing since, and it was a node/16909. In that post a patch was offered, but it was applicable to Drupal version 5, and one of the comments was by Dries where he said that patch would not be folded into a release until a better solution was found. I'm on Drupal 6.

Any solutions???

carl

cfusch
  • 729
  • 4
  • 7

1 Answers1

1

Why not just do away with the guest account and use the systems built in anonymous user? Fighting Drupal always ends in tears.

Tyler Eaves
  • 12,879
  • 1
  • 32
  • 39
  • 1
    Sage advice. this accounts been around for a long time and has a gizillion members. I picked it up for maintenance just a short time ago, and you give me further reason to see if I can't get the owner to open it up. Thanks for your input. - Carl – cfusch Feb 22 '12 at 13:07
  • That said, if you _really_ wanted to, you could find the code for the password reset (should be in the user module, somewhere), check if the uid = the guest uid, and if so, don't actually change the password. – Tyler Eaves Feb 22 '12 at 13:55
  • SOLVED! this was actually the result of the Drupal Module, ~Joomla_convert~ that should have been disabled after completing its use and go-live. So it was apparently what was causing the reversion to the old password. – cfusch Mar 11 '12 at 18:00