Function UpdateUserEx()
(since 5.4.449)
Extended function to help change user passwords securely:
C++
BOOL UpdateUserEx(TUser &user, const char *oldpwd, const char *newpwd);
|
wcBasic
Function UpdateUserEx(user as TUser oldpwd as string, newpwd as string) as boolean
|
Return:
TRUE if the user record update was successful, otherwise FALSE. See GetLastError() for return code.
Remark
UpdateUserEx() is a more secured method of changing the user record when the password needs
to be changed, specifically for connected sessions where the old password is required as a "double check".
In the past, the UpdateUser() function was used to change the user password. UpdateUser() can
still be used but it is "unsecured". As long as the user is logged in or the system is making the change, UpdateUser() will use the TUser.Password
as the new password if the field was changed.
With UpdateUserEx(), the difference is that now you can pass the old password as a means of a
double check. This allows developers to write applications where the old password is requested before making a new password change. You don't need to change the TUser.Password
field when using UpdateUserEx(). The comparison is made with the provided old and new passwords with the server saved user account.
Note
UpdateUserEx() will also do a UpdateUser() so any other information stored in the user record is also saved.
© 2001 Hector Santos, http://www.santronics.com
|