I have recently upgraded to oC 3.0.2.0.
Each time someone now tries to use forgotten password, they are successfully emailed a link click to change password, but after clicking link in email, they are sent to a page which says:
Password reset code is invalid or was used previously!
I can only think that is because is a past customer, and some conflict is arising.
The 'code' column is in the customer table, but was wondering that there might be another column missing.
any help appreciated.
Thanks
Matt
Each time someone now tries to use forgotten password, they are successfully emailed a link click to change password, but after clicking link in email, they are sent to a page which says:
Password reset code is invalid or was used previously!
I can only think that is because is a past customer, and some conflict is arising.
The 'code' column is in the customer table, but was wondering that there might be another column missing.
any help appreciated.
Thanks
Matt
I am n longer receiving 'Password reset code is invalid or was used previously!' alert after fixes carried suggested on this page viewtopic.php?t=160272, and associated page, by editing catalog/model/account/customer.php and changing this bit of code:
to this:
However, once password is updated, its says updated successfully, but actually, not updated at all and can still use old password to log in.
Code: Select all
// public function editPassword($email, $password) {
// $this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
// }
Code: Select all
public function editPassword($customer_id, $password) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE customer_id = '" . (int)$customer_id . "'");
}
Ok, for anyone doing an upgrade from OC 2 to 3.0.2.0, and you have a problem with customers not being able to set up a new password, i followed instructions for OC 2 on these pages:
viewtopic.php?t=160272
viewtopic.php?f=190&t=160186
The bit i missed which meant password looked like was updated, but in fact not (could still use old password to log in) was the edit on controller/account/reset.php:
Change:
to:
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);
all working now
viewtopic.php?t=160272
viewtopic.php?f=190&t=160186
The bit i missed which meant password looked like was updated, but in fact not (could still use old password to log in) was the edit on controller/account/reset.php:
Change:
Code: Select all
$this->model_account_customer->editPassword($customer_info['email'], $this->request->post['password']);
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);
all working now
Hi all,
I've solve the problem by removing las two characters in email code, there is added some "EI" string after the code. So I edit reset.php, changing
by:
Regards!
I've solve the problem by removing las two characters in email code, there is added some "EI" string after the code. So I edit reset.php, changing
Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode($code);
Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode(substr($code, 0, -2));
Last edited by straightlight on Sat Jun 13, 2020 3:20 am, edited 1 time in total.
Reason: Added code tags.
Reason: Added code tags.
The master branch has a bit different way to handle this. The solution has now been added in the pre-release versions.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
I made all the changes exactly as you mentioned, still getting "Password reset code is invalid or was used previously!" error.mattys wrote: ↑Tue Jul 30, 2019 4:47 pmOk, for anyone doing an upgrade from OC 2 to 3.0.2.0, and you have a problem with customers not being able to set up a new password, i followed instructions for OC 2 on these pages:
viewtopic.php?t=160272
viewtopic.php?f=190&t=160186
The bit i missed which meant password looked like was updated, but in fact not (could still use old password to log in) was the edit on controller/account/reset.php:
Change:
to:Code: Select all
$this->model_account_customer->editPassword($customer_info['email'], $this->request->post['password']);
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);
all working now
In my case, I had to remove the last 3 characters instead of 2, so weird.lumit wrote: ↑Sat Jun 13, 2020 3:17 amHi all,
I've solve the problem by removing las two characters in email code, there is added some "EI" string after the code. So I edit reset.php, changingby:Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode($code);
Regards!Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode(substr($code, 0, -2));
I got the same problem I found there is 'The' added to the link, I solved it by changing the file
to:
Code: Select all
catalog\language\en-gb\mail\forgotten.php
Code: Select all
<?php
// Text
$_['text_subject'] = '%s - Password reset request';
$_['text_greeting'] = 'A new password was requested for %s customer account.';
$_['text_change'] = "To reset your password click on the link below:\n\r";
$_['text_ip'] = "\n\r\n\rThe IP used to make this request was:";
Who is online
Users browsing this forum: daniil_oc, OSWorX, WaxedPerfection and 467 guests