Hi All
I have done an upgrade from 2.0.3.1 to 2.2.0.0.
Customers are now unable to login and the forgotten password link works and send the reset email to them, they then use the link in the email and they get a success message.
But they still cant login. I have looked at the oc_customer db table and using my own login to test, I can clearly see the password hash does not get changed and the salt is empty.
So by the looks of it the forgotten password does not actually update the database.....
Any ideas?
Kinds Roger
Looks like a bug:
controller/account/reset.php sends parameter customer_id:
model/account/customer.php -> editPassword expects parameter $email:
controller/account/reset.php sends parameter customer_id:
Code: Select all
$this->model_account_customer->editPassword($customer_info['customer_id'], $this->request->post['password']);Code: Select all
public function editPassword($email, $password) {As function getCustomerByCode returns only customer_id and first and last name, you have to change in model/account/customer.php:
Into:
Code: Select all
public function editPassword($email, $password) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE LOWER(email) = '" . $this->db->escape(utf8_strtolower($email)) . "'");
}
Code: Select all
public function editPassword($customer_id, $password) {
$this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE customer_id = '" . (int)$customer_id . "'");
}I've experienced the same. Thank you for the information.
Opencart Hosting Plans, Domain Registration, Microsoft and Google Email and More
Visit our website for great deals and most importantly, fast and friendly support - www.evolvewebhosting.com
Active Member
I have a similar issue, and tried this fix, but came up with an error regarding the "code" part. Can someone help me with this? This is my code:
When I try it, I get this error:
"Notice: Error: Unknown column 'code' in 'field list'
Error No: 1054
Warning: Cannot modify header information - headers already sent by "
Had to delete part of the specifics, as this site keeps blocking me for pasting PHP output in here.
Any clues? Also, I am on 2.1.0.1, NOT 2.2, so it looks like things are a little different.
Thanks.
Code: Select all
public function editPassword($customer_id, $password) {
$this->event->trigger('pre.customer.edit.password');
$this->db->query("UPDATE " . DB_PREFIX . "customer SET salt = '" . $this->db->escape($salt = token(9)) . "', password = '" . $this->db->escape(sha1($salt . sha1($salt . sha1($password)))) . "', code = '' WHERE customer_id = '" . (int)$customer_id . "'");
$this->event->trigger('post.customer.edit.password');
}
"Notice: Error: Unknown column 'code' in 'field list'
Error No: 1054
Warning: Cannot modify header information - headers already sent by "
Had to delete part of the specifics, as this site keeps blocking me for pasting PHP output in here.
Any clues? Also, I am on 2.1.0.1, NOT 2.2, so it looks like things are a little different.
Thanks.
So.. I followed the change in customer.php - and it worked!!! BUT... as soon as I tried to change the password once logged in - it DID NOT change the password.
When the forgot password didn't work, the change password when logged in worked fine.
Now that the forgot password worked, the change password when logged in doesn't work.
Did that happen to you guys as well?
When the forgot password didn't work, the change password when logged in worked fine.
Now that the forgot password worked, the change password when logged in doesn't work.
Did that happen to you guys as well?
You followed wrong item. Every guy who follow above code and changed to $customer_id instead of $email will have same problem. Right thing is to pass customer email in parameter.meeka wrote:So.. I followed the change in customer.php - and it worked!!! BUT... as soon as I tried to change the password once logged in - it DID NOT change the password.
When the forgot password didn't work, the change password when logged in worked fine.
Now that the forgot password worked, the change password when logged in doesn't work.
Did that happen to you guys as well?
I have developed an ocmod fix for this issue. You can get it for free.
http://www.huntbee.com/fix-for-password ... rt-2-2-0-0
http://www.huntbee.com/fix-for-password ... rt-2-2-0-0
HuntBee OpenCart Services
https://www.huntbee.com
well, Registration and Download worked, but it displayed an error atop of the checkout Page, just to mention it! 
Ernie
Ernie
Code: Select all
Notice: Undefined index: cart_id in /home/content/69/10176169/html/huntbee.com/vqmod/vqcache/vq2-system_storage_modification_catalog_controller_checkout_success.php on line 9My Github OC Site: https://github.com/IP-CAM
5'600 + FREE OC Extensions, on the World's largest private Github OC Repository Archive Site.
Use this VQmod XML to fix this issue:
Also make sure to have a field named 'code' (varchar(40) in your 'oc_customer' DB table.
Code: Select all
<modification>
<id>Bugfixes for customer account reset</id>
<version>2.2.x-1.0</version>
<vqmver>2.5.1</vqmver>
<author>mhccorp.com</author>
<file name="catalog/controller/account/reset.php">
<operation>
<search position="replace"><![CDATA[$this->model_account_customer->editPassword($customer_info['customer_id'],]]></search>
<add><![CDATA[$this->model_account_customer->editPassword($customer_info['email'],]]></add>
</operation>
</file>
<file name="catalog/model/account/customer.php">
<operation>
<search position="replace"><![CDATA[$query = $this->db->query("SELECT customer_id, firstname, lastname]]></search>
<add><![CDATA[$query = $this->db->query("SELECT customer_id, firstname, lastname, email]]></add>
</operation>
</file>
</modification>
Export/Import Tool * SpamBot Buster * Unused Images Manager * Instant Option Price Calculator * Number Option * Google Tag Manager * Survey Plus * OpenTwig
Who is online
Users browsing this forum: o3445 and 86 guests
