1
tl
BUG - retrieving password
  • 2003/10/7 21:33

  • tl

  • Friend of XOOPS

  • Posts: 999

  • Since: 2002/6/23


retrieve password through lostpass.php

If you want to retrive a password, you will receive a email message called "New Password Request at XOOPS Official Site". If you click on it, a new email message with a new password will be sent to you.

BUT once you have logged in with the new password, a "NEW Password Request ..." will be sent to you AGAIN and asks you to click on and change your password again.

The third email should not be sent by xoops.

tl

2
tl
Re: BUG - retrieving password
  • 2003/10/8 15:25

  • tl

  • Friend of XOOPS

  • Posts: 999

  • Since: 2002/6/23


Can someone confirm if they are having the same problem? Anyone has a fix for it?

It is a very serious problem. It has the potential of trapping users into a loop of changing password.

Thanks.

tl

3
tl
Re: BUG - retrieving password
  • 2003/10/9 12:55

  • tl

  • Friend of XOOPS

  • Posts: 999

  • Since: 2002/6/23


I guess I am the ONLY person is having this problem.

The problem I have fugured out is that once the new password was sent to you, XOOPS will re-direct you to user.php page, but with attachedment like this

user.php?xoops_redirect="......."

If you were to log in through this re-directed page, a new password request email would be generated and be sent to you. To a novice person, he/she would be attempting to click on it and the whole cycle re-starts again.

If you were to log in directly or delete the whole phrase "?xoops_redirect=......" in the re-directed page, no new email would be generated.

I am trying to figure out how I can set the re-direct to a simple user.php page without all the attachment.

Or if this could be done through user.php, so it would not trigger the lostpass.php again.

Anyone???




4
onokazu
Re: BUG - retrieving password
  • 2003/10/9 13:26

  • onokazu

  • XOOPS Founder

  • Posts: 617

  • Since: 2001/12/13


I have just fixed this on CVS. Thanks for letting us know.

include/functions.php
line 370
function redirect_header($url$time=3$message='')

to
function redirect_header($url$time 3$message ''$addredirect true)

line 380
if (strstr($url'user.php')) {

to
if ($addredirect && strstr($url'user.php')) {


lostpass.php
line 73
redirect_header("user.php"3sprintf(_US_PWDMAILED,$getuser[0]->getVar("uname")));

to
redirect_header("user.php"3sprintf(_US_PWDMAILED,$getuser[0]->getVar("uname")), false);

5
tl
Re: BUG - retrieving password
  • 2003/10/9 14:12

  • tl

  • Friend of XOOPS

  • Posts: 999

  • Since: 2002/6/23


Thank you, now it works.
tl

Login

Who's Online

438 user(s) are online (310 user(s) are browsing Support Forums)


Members: 0


Guests: 438


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits