Disabling the forced Admin password change in Zen Cart 1.5.0

*** Warning: This change will violate the PCI status of your cart.  You should only do this on test carts on your own PC or on carts which do not require PCI certification. ***

One of the features which is required for Zen Cart PCI compliance is periodic password changes.  This can be a nuisance on test carts and carts on your local PC.  Here’s how to turn it off.

a) To disable forced 90 day password changes, edit

admin/login.php

and change

define('ADMIN_PASSWORD_EXPIRES_INTERVAL', strtotime('- 90 day'));

to

define('ADMIN_PASSWORD_EXPIRES_INTERVAL', strtotime('- 36500 day'));

(Note that the above change means you won’t have to change passwords for 100 years.  To require an annual password change, use the value 365 instead.)

b) To disable the check against the last 3 passwords, edit

admin/includes/functions/admin_access.php
and change zen_check_for_password_problems() so that the first line is
return FALSE;
This entry was posted in That Software Guy, Zen Cart and tagged . Bookmark the permalink.