The passwordcontrol system uses a number of session variables to control its operation. This does effectively save constant reference to the plugin parameters and is done mainly to simplify the handling of sessions over the various methods.
Variable |
Remarks |
|---|---|
password_force |
Used to indicate that a forced password change is requested. |
email_force |
Used to indicate that a forced email address change is requested upon initial login. |
password_forced_change |
Indicates a forced password change is required. |
password_invalid |
An invalid password has been provided. A change is still required. Usually this is if the user has cancelled out of the password change or a password that has been used before has been repeatedly tried. |
paramset |
Used as an indicator for the OnUserAfterSave event. |
periodicity |
Used to store the frequency (in days) required for password changes. |
npassword |
Used to hold the number of possible unique passwords for a user. |
dbchecks |
Used to indicate that database checks for the password are preferred. |
db_version_stat |
Used to determine whether the database has binary logging enabled. |
prompt_check |
Used to determine whether a prompted password change is required. |