强制用户登录时更改密码 [英] Force User to Change Password When Logged in

问题描述

大家好，

我写了一个网站，该网站强迫用户在最后更改3个月后更改密码.当用户登录网站时它会检测到它.但是，如果用户从未注销过该如何进行检测.你能给我个主意，而不用做Cron工作吗?


致谢

Hi guys,

I write a web site which it forces users to change their password after 3 months of last change. It detects it when user is logging in the website.But, if user never logs out how I can made this detection. Can you give me idea how I can do it withoutusing cron job?


Thanks & Regards

推荐答案

在您的登录表中添加RegisteredDate列.

Add RegisteredDate Column in your login table.

SELECT CONVERT(VARCHAR(10),Datediff(ss,getdate(),RegisteredDate )/(60*60*24))

您将无法使用此查询.
如果它是密码更改的提示消息，请检查它是否大于90.

you will get no of day with this query.
Check it is greater than 90 if it is give message for password change.

如果您保存了他们上次更改密码时的此列，那么即使他们没有更改密码也没有问题.没有注销.
您可以通过以下方式实现此目标:

1.查询lastPasswordChangedDate;
2.如果自更改密码以来已超过X天，则应禁用其帐户并重定向到更改密码页面.

if you have save this column of when they have last changed their password then you have no problem even if they haven''t logged out.
You can attain this by:

1. querying the lastPasswordChangedDate;
2. and if it is more than X days since this password is changed, you should disable their account and redirect to change password page.

这篇关于强制用户登录时更改密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！