Post by docroesner » Thu Mar 31, 2016 7:29 am

I installed and migrated from my old 1.5 installation.
No problem so far. All logins continue to work.
There are just people who forgot their passwords and here I see an issue:

The password forgotten/reset function does not work.
No error message is displayed but here is what happens:

After clicking the Email link for resetting the password you type in a new password and confirm it.
No problem. The software shows the success message.
But logging in with the new password does not work.

I checked the steps.
After submitting the formular containing the new password at

Code: Select all

nothing is updated in the customer-table. There is the same password-code and salt-code as before and even the code field remains unaltered.
So, testing this, I still succeed logging in with my supposedly forgotten old password and the new one which I intended to set, does not work.
BTW, changing the password after being logged in works without problem.

Looking up the error_log: nothing.
Looking up the access_log: shows that I retrieved the reset formular page correctly. Then it shows the post of the formular and the redirect to the index.php?route=account/login - all as intended.
The only problem is that the new password doesn't get stored in the database table 'oc_customer'.

Anyone with a similar problem?
I downloaded and installed the
Any help?

Best regards

User avatar


Sat Jan 21, 2012 11:17 pm

Post by kirkhall » Thu Mar 31, 2016 7:45 am

I have seen a similar issue but the solution won't apply to you unless the answer to the following is yes.
Did your previous 1.5 installation of opencart use a database that was migrated from another e-commerce platform, like for example oscommerce?



Thu May 22, 2014 11:31 am
Location - Missouri, USA

Post by docroesner » Thu Mar 31, 2016 8:02 am

no but thanks for caring anyway.
I looked up the code and come to this consideration:

The scripts that apply for resetting the password are:

in customer.php there is called the function
and then obviously
editPassword($email, $password)

getCustomerByCode($code) says:
"SELECT customer_id, firstname, lastname FROM `" . DB_PREFIX . "customer` WHERE code = '" . $this->db->escape($code) . "' AND code != ''"

That is fine but editPassword($email, $password) needs the email in order to update the password to the new value!

I'll go ahead and alter the script into
"SELECT customer_id, firstname, lastname, email FROM `" . DB_PREFIX . "customer` WHERE code = '" . $this->db->escape($code) . "' AND code != ''"
I'll report whether this gets the script working.

User avatar


Sat Jan 21, 2012 11:17 pm

Post by docroesner » Thu Mar 31, 2016 8:29 am

It works as soon as I also modified catalog/controller/account/reset.php where it says
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);

That cant work since editPassword needs the customer email.
Modify into:
$this->model_account_customer->editPassword($customer_info['email'], $this->request->post['password']);

Together with the adaption in catalog/model/account/customer.php it works as intended.

I wonder why nobody else came across this script error yet!

User avatar


Sat Jan 21, 2012 11:17 pm

Post by EvolveWebHosting » Thu Mar 31, 2016 9:07 am

I think this topic is the same that you're referring to:


24/7/365 support

User avatar


Fri Mar 27, 2015 11:13 pm
Location - Denver, Colorado, USA

Post by docroesner » Thu Mar 31, 2016 10:00 am

yes, kind of.
I prefer using my solution since the password is email associated not necessarily customer_id associated.
When soliciting the password reset, people provide their email address, not their customer_id.
Some customers have more than one customer_id but with the same email address, as I notice.
I do not know what happens when they change the password of one id, the other id remains with the forgotten password?

User avatar


Sat Jan 21, 2012 11:17 pm

Post by shaftoe » Thu Oct 06, 2016 8:34 pm

Excellent solution! Thanks a lot.


Fri May 20, 2016 4:38 pm

Post by huntbee » Wed Nov 02, 2016 5:33 pm

I have developed an ocmod fix to this issue. You can download it for free. ... rt-2-2-0-0

HuntBee OpenCart Services

User avatar


Sun Nov 01, 2015 4:01 am
Location - India

Post by hrm143 » Sat Dec 03, 2016 2:30 am

huntbee wrote:I have developed an ocmod fix to this issue. You can download it for free. ... rt-2-2-0-0 beautifully


Sun Jun 01, 2014 3:16 am

Post by shadowman06 » Sat Mar 11, 2017 3:55 am

docroesner - Have you found or know of the fix for both customer login and password reset.? Neither of mine work. Also is there an issue with HTTPS in the same manner?


Mon Jul 08, 2013 10:15 am
Who is online

Users browsing this forum: No registered users and 19 guests