[SOLVED] Lost /Recover Password via email: PHPFusion 6 Support

Home
Search

Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.

Ok so lets say you forget you password. You click on the forgotten password link at the login and type in your email and presto it says it will be sending you an email.

Here is what I get looking at my mail on line via webmail (XXXX censors any real details)

Code Download source

[i][b]Hello admin,

You have or someone has requested a new password to access your Unreal Tournament Army account.

To change your password please click the following link:

email=XXXXX@clanuta.com&account=XXXXXXXXXXXXXXXXXXXXXXXXXXX" target="_blank">http://www.clanuta.com/fusion/php-files/lostpassword.php?email=XXXXX@clanuta.com&account=XXXXXXXXXXXXXXXXXXXXXXXXXXX

Regards,
ClanuTa-Admin[/b][/i]

Why it breaks up the url, I don't know.

- - - - - - - - - - -

When I open up the email in a very old version of outlook I get:

Code Download source

[i][b]Hello admin,

You have or someone has requested a new password to access your Unreal Tournament Army account.

To change your password please click the following link:

http://www.clanuta.com/fusion/php-files/lostpassword.php?email=XXXXX@clanuta.com&account=XXXXXXXXXXXXXXXXXXXXXXXXXXX

Regards,
ClanuTa-Admin[/b][/i]

- - - - - - - - - - -

Something that doesn't make a whole lot of sense is when I finally manage to click the correct link or simply copy and paste it in a URL... it just take me back to the main page (news.php) and has absolutely no option on changing my password or resetting it via email.

I haven't touched my Fusion except when it needs to be updated which I'm currently using v6.01.11. Comments / Support?

Any help would be appreciated.

Edited by Sveinungs on 29-07-2007 21:35, 17 y

0 replies

Quote

Something that doesn't make a whole lot of sense is when I finally manage to click the correct link or simply copy and paste it in a URL... it just take me back to the main page (news.php) and has absolutely no option on changing my password or resetting it via email.

I think that PHPFusion should send another e-mail to you with the new password, and no form asking you to type your new password will be shown. Did you receive this e-mail?

0 replies

Quote

irvision wrote:I think that PHPFusion should send another e-mail to you with the new password, and no form asking you to type your new password will be shown. Did you receive this e-mail?

The only one that I received is the one I've copied and pasted above. I assumed that once you clicked the link it would take you back to the Fusion site you forgot your password at and there would be a table telling you that a password is being generated and will arrive via email.

No such luck since apparently it's just taking me back to the main page. This is why I think something is fishy with my Fusion and I'm not quite sure where the problem lies. :|

0 replies

I just registered a (test) account at your site. Awaiting admin approval, then I can test it on my own :)

0 replies

Access Granted.

Thanks Svein! :D

0 replies

OK, well I tried the lost password function. The link in the first email seems OK, but - like you said - it does not do trigger what it supposed to.

I tested this in a couple of other sites running v.6.01.11, and the exact same problem occurs there. So we need to look into the v.6.01.11 upgrade to see if that is the cause of the problem.
Lost password works in 6.01.10.

Nice if somebody else cares to check their Lost password too, to verify the problem.

0 replies

I'd really do appreciate the DEV's looking into the problem at hand. B)

0 replies

I have the same problem at my website (I'm using the very latest version of Fusion 6.01.11). I keep getting members emailing me telling me the "Lost Password" feature doesn't work, with the same results happening to them as described by utadexter above.

To help them out I've been manually going into the Admin and giving them a new password and emailing them back with this new password and letting them know that they can change it using the "Edit Profile" link once they've signed in.

I'd appreciate hearing if there's a fix to this problem as well.

Steve

0 replies

It's the function cleanurl($url) in maincore that suddenly causes the lost password not to work.

To get it working i had to find in maincore.php (remove the # which i had to add to display entity):

Code Download source

// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
   $bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")");
   $safe_entities = array("[color=red][b]&#amp;[/b][/color]", "", "", "", "", "", "", "", "");
   $url = str_replace($bad_entities, $safe_entities, $url);
   return $url;
}

Replace with:

Code Download source

// Clean URL Function, prevents entities in server globals
function cleanurl($url) {
   $bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")");
   $safe_entities = array("&", "", "", "", "", "", "", "", "");   // & causing link not to work, link works if replaced with &
   $url = str_replace($bad_entities, $safe_entities, $url);
   return $url;
}

Not sure if the modification will break any of the security fix that was the cause in the first place for the updated maincore in 6.01.11, so Digi better give you the final solution.

0 replies

Falk

answered 15 Jul 2007 at 09:19 PM

Super Admin

lostpassword.php needed modifying, see news.

0 replies

Thanks for the update guys. Everything works perfectly. B)

0 replies

I can't seem to find this update anywhere? When I'm linked to the dl page it only has 6.01.11, which I'm already running.

0 replies

If you replace lostpassword.php with the new one (found in the 6.01.11 DL) you're OK :)
No problem.

0 replies

the one in php-files? I just tried that and got the same results, i.e. it just sent me back to the main forum page.

0 replies

If you're running v6.01.11 from a fresh install, your lostpassword should work just fine.

You'll need to look into your Adminpanel -> System -> Main settings and set your Site URL and Site e-mail correct for registration and lost password to work.

If you have done this already, and still cant get this to work, please post a link to your site so we might take a look at it. We'll get to the bottom of this.

0 replies

It's

http://www.lunarwars.net; I didn't do the install (that was a while ago I think) so I don't know how 'fresh' it is. ;-)

Registration still works, but lost password doesn't.

Thanks for taking the time to help with this!

0 replies

NP, that's what this forum is about.

OK, well, here's a link to the current lostpassword.php, from the CVS, try THIS one m8

0 replies

Nope, copied that up and it still kicks me to the main page.

0 replies

Category Forum

Bugs and Errors - 6

Labels

None yet

Statistics

Views 0 views
Posts 17 posts
Votes 0 votes
Topic users 7 members

0 participants

Notifications

Track thread

You are not receiving notifications from this thread.

[SOLVED] Lost /Recover Password via email

17 posts

PHPFusion

Resources

Community

Development