1
ziwman
Problem : Password Recovery process
  • 2013/11/21 14:28

  • ziwman

  • Just popping in

  • Posts: 16

  • Since: 2008/11/28


Hello Xoops Community,

I'm back after 6 years ... I used Xoops to animate a community in 2006.
I've just installed the last xoops version and migrate Xoops Users + forums from my outdated xoops version.

The problem is, when i try to recover my password via : Lost Password link. i got the E-mail with recovery link. the link email=xx@xxxxx.xx&code=xxx" title="http://www.tafraout.net/modules/profile/lostpass.php?email=xx@xxxxx.xx&code=xxx" rel="noopener external">http://www.tafraout.net/modules/profi ... mail=xx@xxxxx.xx&code=xxx send me to user page without any visible action ! i have to refresh the page twice to get the message that Xoops sent me my new password.

Checking my inbox, i find the e-mail with new password, 2 sec. after, i receive a new Recovery Password E-mail with a new recovery link !


2
Bleekk
Re: Problem : Password Recovery process
  • 2013/11/21 16:04

  • Bleekk

  • Theme Designer

  • Posts: 938

  • Since: 2002/12/14


try to disable the profile module and try it then please again

3
ziwman
Re: Problem : Password Recovery process
  • 2013/11/21 16:13

  • ziwman

  • Just popping in

  • Posts: 16

  • Since: 2008/11/28


Quote:

Bleekk wrote:
try to disable the profile module and try it then please again


Hello Bleek,

Following your recommandation. When I click on the password recovery link sent by mail, It redirect me to the user.php page without ANY MESSAGE. but I receive the second e-mail with the new password.

Should I keep the Profil module desactivated ?
How to fix the Confirmation message while clicking on the password recovery link ?

Thanks !

4
Bleekk
Re: Problem : Password Recovery process
  • 2013/11/21 16:29

  • Bleekk

  • Theme Designer

  • Posts: 938

  • Since: 2002/12/14


can you please switch to the default theme, activate the profile module and try again

5
ziwman
Re: Problem : Password Recovery process
  • 2013/11/21 16:35

  • ziwman

  • Just popping in

  • Posts: 16

  • Since: 2008/11/28


Quote:

Bleekk wrote:
can you please switch to the default theme, activate the profile module and try again


Still the same problem using the default temp. :(

6
Bleekk
Re: Problem : Password Recovery process
  • 2013/11/21 16:59

  • Bleekk

  • Theme Designer

  • Posts: 938

  • Since: 2002/12/14


that's strange. I am not sure why is it not working.
maybe it has something to do with your import of user tables or simply with your php version

7
redheadedrod
Re: Problem : Password Recovery process

I notice this is in the 2.6 xoops forum. The latest version of Xoops to use is 2.5.6 so please make sure you are only using that version at this time. 2.6 is Alpha and is in constant flux as major upgrades are being made to it on an almost daily basis.

Having said that what version of xoops are you using and what version of profile are you using? Please only use the version of profile that came with the version of xoops you are running. There are other versions floating around by a third party developer that has an issue with quality and you will likely be very frustrated trying to use any of his modules.

Having said all of that I am in progress of making major upgrades to the current Profile module. Richard and I have found some issues with the current version and I will be making some major updates to hopefully make it more stable and secure. Please watch out for a release coming soon of this. My semester is coming to an end which will allow me much more time but I am hoping to have an updated profile module available by middle of December. This will not be the full rewrite I have talked about in other posts but my work done on this now will be helpful in that future venture.
Attending College working towards Bachelors in Software Engineering and Network Security.

8
ziwman
Re: Problem : Password Recovery process
  • 2013/11/22 16:50

  • ziwman

  • Just popping in

  • Posts: 16

  • Since: 2008/11/28


Fixed !

I changed actions "Show message" instead of header redirection ! using customized messages ...

Code :

<?php
include dirname(__FILE__) . DIRECTORY_SEPARATOR 'mainfile.php';

$xoopsPreload =& XoopsPreload::getInstance();
$xoopsPreload->triggerEvent('core.lostpass.start');

xoops_loadLanguage('user');

$email = isset($_GET['email']) ? trim($_GET['email']) : '';
$email = isset($_POST['email']) ? trim($_POST['email']) : $email;

if (
$email == '') {
    
redirect_header("user.php"2_US_SORRYNOTFOUND);
    exit();
}

$myts =& MyTextSanitizer::getInstance();
$member_handler =& xoops_gethandler('member');
$getuser =& $member_handler->getUsers(new Criteria('email'$myts->addSlashes($email)));

if (empty(
$getuser)) {
    include 
$GLOBALS['xoops']->path('header.php');
        
        echo 
"<br><br><br>
        <div class='alert alert-danger'><p><strong>Oups!</strong><br>Aucun utilisateur n'est enregistré avec l'adresse e-mail mentionnée. Merci de réessayer ou contactez l'administrateur : <strong>contact@tafraout.net</strong></p>
        <p><a href='user.php' class='btn btn-primary'>Réessayer</a></p>
        </div>"
;
       
        include 
$GLOBALS['xoops']->path('footer.php');
    exit();
} else {
    
$code = isset($_GET['code']) ? trim($_GET['code']) : '';
    
$areyou substr($getuser[0]->getVar("pass"), 05);
    if (
$code != '' && $areyou == $code) {
        
$newpass xoops_makepass();
        
$xoopsMailer =& xoops_getMailer();
        
$xoopsMailer->useMail();
        
$xoopsMailer->setTemplate("lostpass2.tpl");
        
$xoopsMailer->assign("SITENAME"$xoopsConfig['sitename']);
        
$xoopsMailer->assign("ADMINMAIL"$xoopsConfig['adminmail']);
        
$xoopsMailer->assign("SITEURL"XOOPS_URL "/");
        
$xoopsMailer->assign("IP"$_SERVER['REMOTE_ADDR']);
        
$xoopsMailer->assign("NEWPWD"$newpass);
        
$xoopsMailer->setToUsers($getuser[0]);
        
$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
        
$xoopsMailer->setFromName($xoopsConfig['sitename']);
        
$xoopsMailer->setSubject(sprintf(_US_NEWPWDREQXOOPS_URL));
        if (! 
$xoopsMailer->send()) {
            echo 
$xoopsMailer->getErrors();
        }
        
// Next step: add the new password to the database
        
$sql sprintf("UPDATE %s SET pass = '%s' WHERE uid = %u"$xoopsDB->prefix("users"), md5($newpass), $getuser[0]->getVar('uid'));
        if (!
$xoopsDB->queryF($sql)) {
            include 
$GLOBALS['xoops']->path('header.php');
            echo 
_US_MAILPWDNG;
            include 
$GLOBALS['xoops']->path('footer.php');
            exit();
        }
        include 
$GLOBALS['xoops']->path('header.php');
        
        echo 
"<br><br><br><div class='alert alert-success'><strong>Votre mot de passe a été changé avec succès.</strong><br>
        Nous avons envoyé un nouveau mot de passe à votre adresse e-mail. Merci de consulter votre boite de réception.</div>"
;
       
        include 
$GLOBALS['xoops']->path('footer.php');
        
header"refresh:10;url=user.php" );
        
// If no Code, send it
    
} else {
        
$xoopsMailer =& xoops_getMailer();
        
$xoopsMailer->useMail();
        
$xoopsMailer->setTemplate("lostpass1.tpl");
        
$xoopsMailer->assign("SITENAME"$xoopsConfig['sitename']);
        
$xoopsMailer->assign("ADMINMAIL"$xoopsConfig['adminmail']);
        
$xoopsMailer->assign("SITEURL"XOOPS_URL "/");
        
$xoopsMailer->assign("IP"$_SERVER['REMOTE_ADDR']);
        
$xoopsMailer->assign("NEWPWD_LINK"XOOPS_URL "/lostpass.php?email=" $email "&code=" $areyou);
        
$xoopsMailer->setToUsers($getuser[0]);
        
$xoopsMailer->setFromEmail($xoopsConfig['adminmail']);
        
$xoopsMailer->setFromName($xoopsConfig['sitename']);
        
$xoopsMailer->setSubject(sprintf(_US_NEWPWDREQ$xoopsConfig['sitename']));
        include 
$GLOBALS['xoops']->path('header.php');
        if (! 
$xoopsMailer->send()) {
            echo 
$xoopsMailer->getErrors();
        }
       
        echo 
"<br><br><br><div class='alert alert-warning'>Nous avons envoyé un e-mail à l'adresse <strong>" $email "</strong> <br> Merci de consulter votre boite de réception, vous y trouverez un lien confidentiel qui vous permettra de recevoir un nouveau mot de passe.</div>";
        
        include 
$GLOBALS['xoops']->path('footer.php');
    }
}

?>

Login

Username:
Password:

Lost Password? Register now!

Who's Online

68 user(s) are online (39 user(s) are browsing Support Forums)


Members: 0


Guests: 68


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Jun 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits