I have recently upgraded to oC 3.0.2.0.
Each time someone now tries to use forgotten password, they are successfully emailed a link click to change password, but after clicking link in email, they are sent to a page which says:
Password reset code is invalid or was used previously!
I can only think that is because is a past customer, and some conflict is arising.
The 'code' column is in the customer table, but was wondering that there might be another column missing.
any help appreciated.
Thanks
Matt
I am n longer receiving 'Password reset code is invalid or was used previously!' alert after fixes carried suggested on this page viewtopic.php?t=160272, and associated page, by editing catalog/model/account/customer.php and changing this bit of code:
to this:
However, once password is updated, its says updated successfully, but actually, not updated at all and can still use old password to log in.
Code: Select all
// public function editPassword($email, $password) {
// $this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
// }Code: Select all
public function editPassword($customer_id, $password) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE customer_id = '" . (int)$customer_id . "'");
}Ok, for anyone doing an upgrade from OC 2 to 3.0.2.0, and you have a problem with customers not being able to set up a new password, i followed instructions for OC 2 on these pages:
viewtopic.php?t=160272
viewtopic.php?f=190&t=160186
The bit i missed which meant password looked like was updated, but in fact not (could still use old password to log in) was the edit on controller/account/reset.php:
Change:
to:
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);
all working now
viewtopic.php?t=160272
viewtopic.php?f=190&t=160186
The bit i missed which meant password looked like was updated, but in fact not (could still use old password to log in) was the edit on controller/account/reset.php:
Change:
Code: Select all
$this->model_account_customer->editPassword($customer_info['email'], $this->request->post['password']);$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);
all working now
Hi all,
I've solve the problem by removing las two characters in email code, there is added some "EI" string after the code. So I edit reset.php, changing
by:
Regards!
I've solve the problem by removing las two characters in email code, there is added some "EI" string after the code. So I edit reset.php, changing
Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode($code);
Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode(substr($code, 0, -2));
Last edited by straightlight on Sat Jun 13, 2020 3:20 am, edited 1 time in total.
Reason: Added code tags.
Reason: Added code tags.
The master branch has a bit different way to handle this. The solution has now been added in the pre-release versions.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
I made all the changes exactly as you mentioned, still getting "Password reset code is invalid or was used previously!" error.mattys wrote: ↑Tue Jul 30, 2019 4:47 pmOk, for anyone doing an upgrade from OC 2 to 3.0.2.0, and you have a problem with customers not being able to set up a new password, i followed instructions for OC 2 on these pages:
viewtopic.php?t=160272
viewtopic.php?f=190&t=160186
The bit i missed which meant password looked like was updated, but in fact not (could still use old password to log in) was the edit on controller/account/reset.php:
Change:
to:Code: Select all
$this->model_account_customer->editPassword($customer_info['email'], $this->request->post['password']);
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);
all working now
In my case, I had to remove the last 3 characters instead of 2, so weird.lumit wrote: ↑Sat Jun 13, 2020 3:17 amHi all,
I've solve the problem by removing las two characters in email code, there is added some "EI" string after the code. So I edit reset.php, changingby:Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode($code);Regards!Code: Select all
$customer_info = $this->model_account_customer->getCustomerByCode(substr($code, 0, -2));
I got the same problem I found there is 'The' added to the link, I solved it by changing the file
to:
Code: Select all
catalog\language\en-gb\mail\forgotten.phpCode: Select all
<?php
// Text
$_['text_subject'] = '%s - Password reset request';
$_['text_greeting'] = 'A new password was requested for %s customer account.';
$_['text_change'] = "To reset your password click on the link below:\n\r";
$_['text_ip'] = "\n\r\n\rThe IP used to make this request was:";
Who is online
Users browsing this forum: daniil_oc, OSWorX, WaxedPerfection and 467 guests
