1
cadch
lostpass.php Have some error,On user by Gmail
  • 2021/11/19 8:41

  • cadch

  • Just popping in

  • Posts: 51

  • Since: 2007/12/17


lostpass.php Have some error,On user by Gmail
Gmail on Chrome will use cache.google.com,If user click mail url【xoops_url/lostpass.php?email=xxx@xxx.com&code=xxxxx】
Will go to 【google_url/url?q=xoops_url/lostpass.php?email%3Dxxx@xxx.com%26code%3Dxxxxx&source=gmail&ust=xxxxxxxx&usg=xxxxxxx"】
cache.google.com will cache the URL,Will send 【lostpass1.tpl】again.
Fix it
if (empty($getuser)) {
    
$msg _US_SORRYNOTFOUND;
    
redirect_header('user.php'2$msg);
} else {
    
$code   = isset($_GET['code']) ? trim($_GET['code']) : '';
    
$areyou substr($getuser[0]->getVar('pass'), 09);
    if (
$code != '' && $areyou == $code) {
        
$newpass     xoops_makepass();
        
$xoopsMailer xoops_getMailer();
        
$xoopsMailer->useMail();
        
$xoopsMailer->setTemplate('lostpass2.tpl');
        
$xoopsMailer->assign('SITENAME'$xoopsConfig['sitename']);
        
$xoopsMailer->assign('ADMINMAIL'$xoopsConfig['adminmail']);
        
$xoopsMailer->assign('SITEURL'XOOPS_URL '/');
        
$xoopsMailer->assign('IP'$_SERVER['REMOTE_ADDR']);
        
$xoopsMailer->assign('AGENT'$_SERVER['HTTP_USER_AGENT']);
        
$xoopsMailer->assign('NEWPWD'$newpass);
        
$xoopsMailer->setToUsers($getuser[0]);
        
$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
        
$xoopsMailer->setFromName($xoopsConfig['sitename']);
        
$xoopsMailer->setSubject(sprintf(_US_NEWPWDREQXOOPS_URL));
        if (!
$xoopsMailer->send()) {
            echo 
$xoopsMailer->getErrors();
        }
        
// Next step: add the new password to the database
        
$sql sprintf(
            
"UPDATE %s SET pass = '%s' WHERE uid = %u",
            
$xoopsDB->prefix('users'),
            
password_hash($newpassPASSWORD_DEFAULT),
            
$getuser[0]->getVar('uid')
        );
        if (!
$xoopsDB->queryF($sql)) {
            include 
$GLOBALS['xoops']->path('header.php');
            echo 
_US_MAILPWDNG;
            include 
$GLOBALS['xoops']->path('footer.php');
            exit();
        }
        
redirect_header('user.php'3sprintf(_US_PWDMAILED$getuser[0]->getVar('uname')), false);
        
// If no Code, send it
    
} elseif (isset($_POST['email'])) {
        
$xoopsMailer xoops_getMailer();
        
$xoopsMailer->useMail();
        
$xoopsMailer->setTemplate('lostpass1.tpl');
        
$xoopsMailer->assign('SITENAME'$xoopsConfig['sitename']);
        
$xoopsMailer->assign('ADMINMAIL'$xoopsConfig['adminmail']);
        
$xoopsMailer->assign('SITEURL'XOOPS_URL '/');
        
$xoopsMailer->assign('IP'$_SERVER['REMOTE_ADDR']);
        
$xoopsMailer->assign('AGENT'$_SERVER['HTTP_USER_AGENT']);
        
$xoopsMailer->assign('NEWPWD_LINK'XOOPS_URL '/lostpass.php?email=' $email '&code=' $areyou);
        
$xoopsMailer->setToUsers($getuser[0]);
        
$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
        
$xoopsMailer->setFromName($xoopsConfig['sitename']);
        
$xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ$xoopsConfig['sitename']));
        include 
$GLOBALS['xoops']->path('header.php');
        if (!
$xoopsMailer->send()) {
            echo 
$xoopsMailer->getErrors();
        }
        echo 
'';
        
printf(_US_CONFMAIL$getuser[0]->getVar('uname'));
        echo 
'';
        include 
$GLOBALS['xoops']->path('footer.php');
    } else {
        
redirect_header('user.php'2'Please input your EMAIL.');
    }
}

2
Mamba
Re: lostpass.php Have some error,On user by Gmail
  • 2021/11/20 14:45

  • Mamba

  • Moderator

  • Posts: 11409

  • Since: 2004/4/23


Thanks for reporting!

Which XOOPS version do you use?
Support XOOPS => DONATE
Use 2.5.11 | Docs | Modules | Bugs

3
cadch
Re: lostpass.php Have some error,On user by Gmail
  • 2021/11/21 8:23

  • cadch

  • Just popping in

  • Posts: 51

  • Since: 2007/12/17


XoopsCore25-2.5.11-Beta1

4
zyspec
Re: lostpass.php Have some error,On user by Gmail
  • 2021/11/23 16:27

  • zyspec

  • Module Developer

  • Posts: 1095

  • Since: 2004/9/21


@cadch,

Does the code you posted above 'fix' the issue for you?

5
cadch
Re: lostpass.php Have some error,On user by Gmail
  • 2021/11/24 2:54

  • cadch

  • Just popping in

  • Posts: 51

  • Since: 2007/12/17


Yes,But my Code not smart~

Login

Who's Online

375 user(s) are online (298 user(s) are browsing Support Forums)


Members: 0


Guests: 375


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits