Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> How To's
Author Message
American
New Member
New Member



Joined: Mar 14, 2004
Posts: 10

PostPosted: Tue May 25, 2004 7:04 am Reply with quote

Since one of my sites now has over 5000 users I am starting to receive quite a few "I lost my user ID" requests, which means I have to search my users table in the db for their email address to find the user ID so they can then use their ID for the Lost Password function.

Seems like I saw a mod for the lost password that would enable the user to use their email address to retrieve their ID and/or PW. I have searched high and low and can't seem to find it.

Actually, I would prefer that they have the option to use their ID if known or their email address if they have forgotten their ID.

Can anyone point me to a mod?

Thanks,

Brad
 
View user's profile Send private message
Guardian2003
Site Admin



Joined: Aug 28, 2003
Posts: 6799
Location: Ha Noi, Viet Nam

PostPosted: Tue May 25, 2004 5:05 pm Reply with quote

Now that sounds like a very useful 'must have' to me!
 
View user's profile Send private message Send e-mail
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496

PostPosted: Tue May 25, 2004 6:42 pm Reply with quote

[ Only registered users can see links on this board! Get registered or login! ]
 
View user's profile Send private message
American







PostPosted: Wed May 26, 2004 7:13 am Reply with quote

sixonetonoffun wrote:
http://www.ravenphpscripts.com/modules.php?name=Your_Account&op=pass_lost


What am I supposed to see there? It's just the normal lost pass page that is part of the Your Account module.

I had seen on one of the forums, nc I think, that Raven was going to write a module like this, since I don't see it in the downloads section here I guess it never happened. Or did it?
 
sixonetonoffun







PostPosted: Wed May 26, 2004 7:20 am Reply with quote

I think there is one out floating somewhere.

Quote:

Seems like I saw a mod for the lost password that would enable the user to use their email address to retrieve their ID and/or PW. I have searched high and low and can't seem to find it.


Which is exacly what the lost password function does. But I'm guessing what you really want is an admin function that allows you to search by username and then resend the users password to the users original email address.
 
American







PostPosted: Wed May 26, 2004 7:38 am Reply with quote

No... as I stated above:

Quote:
Actually, I would prefer that they have the option to use their ID if known or their email address if they have forgotten their ID.


I want the user to be able to do it, if they don't know their user ID then they can't retrieve their password so first they need to retrieve their ID by using their email address. The lost pass page needs to have options for the user to enter their ID and/or their email address.
 
sixonetonoffun







PostPosted: Wed May 26, 2004 9:31 am Reply with quote

In Your Account index.php

find
function mail_password($username, $code) {
go down to
$result = $db->sql_query("SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username'");

try this instead (I didn't test it so...)
$result = $db->sql_query("SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username' OR user_email='$username'");

Like I said I didn't test this to see if it works or breaks anything... I'd guess the form field may have to be extended slightly as the limit is 25 chars for nick.
 
American







PostPosted: Wed May 26, 2004 11:39 am Reply with quote

I have this mod to detect bad usernames:

Forgotten Password - invalid user fix:

Around line 642

A simpler fix is to change this lineCode:
if(!$result) {
toCode:
if(!sql_num_rows($result)) {

Sooo. as a result if you enter an invalid/unrecognized user ID it will now tell you.

I added your suggested code and the system SEEMS to recognize the email address as it doesn't give me an unrecognized user ID warning but no email is received.

I wonder though... even if this does work will it only send the user's password and email? A lost pass email states:

The user account 'USERNAME' at YOUR NUKESITE has this email associated with it. A Web user from 24.1.xx.xx has just requested a Confirmation Code to change the password.

Your Confirmation Code is: eoo98303zI

--Now, if the email will still send the username in the first paragragh and not just parrot back the email address given then this will work ok.

If not, then I will really need it to FIRST send them their ID as they will need it anyway THEN they can use the normal lost password function. What I am thinking is adding another table to the right or below with a 'If you have lost or forgotten your User ID then enter your email address associate with your ID and we will send you your ID via email. You will then be able to retrieve your password.' ... or something like that.

If we can just get it to send an email to see what it will spit out then I will be able to tell if this will work ok. I have a feeling it might just do the trick.

Ideas?
 
sixonetonoffun







PostPosted: Wed May 26, 2004 2:43 pm Reply with quote

Try this the username should be showing up.
Code:
function mail_password($username, $code) { 

    global $sitename, $adminmail, $nukeurl, $user_prefix, $db, $module_name;
    $username = check_html($username, nohtml);
    $result = $db->sql_query("SELECT user_email, user_password, username FROM ".$user_prefix."_users WHERE username='$username' OR user_email='$username'");
    if(!$result) {
   include("header.php");
   OpenTable();
   echo "<center>"._SORRYNOUSERINFO."</center>";
   CloseTable();
   include("footer.php");
    } else {
   $host_name = $_SERVER["REMOTE_ADDR"];
   $row = $db->sql_fetchrow($result);
   $user_email = $row['user_email'];
   $user_password = $row['user_password'];
   $areyou = substr($user_password, 0, 10);
        $username = $row['username'];
   if ($areyou==$code) {
       $newpass=makepass();
       $message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL."  "._AWEBUSERFROM." $host_name "._HASREQUESTED."\n\n"._YOURNEWPASSWORD." $newpass\n\n "._YOUCANCHANGE." $nukeurl/modules.php?name=$module_name\n\n"._IFYOUDIDNOTASK."";
       $subject = ""._USERPASSWORD4." $username";
       mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
       /* Next step: add the new password to the database */
       $cryptpass = md5($newpass);
       $query = "UPDATE ".$user_prefix."_users SET user_password='$cryptpass' WHERE username='$username' OR user_email='$username'";
       if (!$db->sql_query($query)) {
          echo ""._UPDATEFAILED."";
       }
       include ("header.php");
       OpenTable();
       echo "<center>"._PASSWORD4." $username "._MAILED."<br><br>"._GOBACK."</center>";
       CloseTable();
       include ("footer.php");
   /* If no Code, send it */
   } else { 
       $username = check_html($username, nohtml);
       $result2 = $db->sql_query("SELECT user_email, user_password, username FROM ".$user_prefix."_users WHERE username='$username'");
       if(!$result2) {
      include ("header.php");
      OpenTable();
           echo "<center>"._SORRYNOUSERINFO."</center>";
      CloseTable();
      include ("footer.php");
       } else {
           $host_name = $_SERVER["REMOTE_ADDR"];
         $row2 = $db->sql_fetchrow($result2);
           $user_email = $row2['user_email'];
         $user_password = $row2['user_password'];
           $areyou = substr($user_password, 0, 10);
                $username = $row2['username'];
          $message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._CODEREQUESTED."\n\n"._YOURCODEIS." $areyou \n\n"._WITHTHISCODE." $nukeurl/modules.php?name=$module_name&op=pass_lost\n"._IFYOUDIDNOTASK2."";
      $subject=""._CODEFOR." $username";
      mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
      include ("header.php");
      OpenTable();
      echo "<center>"._CODEFOR." $username "._MAILED."<br><br>"._GOBACK."</center>";
      CloseTable();
      include ("footer.php");
           }       
   }
    }
}


Last edited by sixonetonoffun on Wed May 26, 2004 5:19 pm; edited 1 time in total 
American







PostPosted: Wed May 26, 2004 4:02 pm Reply with quote

BRAVO! Got the email and it has the user ID in the subject and body. Now all I have to do is change up the language file a bit with new instuctions and I'm done.

sixonetonoffun .. YOU DA MAN!

One of us needs to add the mod for the invalid user code plus what you have added here and make it available on a few of the sites.
 
sixonetonoffun







PostPosted: Wed May 26, 2004 4:49 pm Reply with quote

Naw pretty basic stuff there. Feel free to add alter distribute. Check back later I have one more addition I just wanna check it with CS or Raven first. (Not functional just another check).
 
American







PostPosted: Wed May 26, 2004 4:56 pm Reply with quote

Basic if your a php coder... which I am not. I modified/cleaned up the english language files in /modules/Your_Account/language and in the 'root' language folder (changed nickname to User ID and Lost Password to Lost ID or Password) then updated my FAQ section. No more 'I lost my user ID' emails for me to track down! Very Happy

I may post a link to my updated language and index.php files here and at NC.

Thanks again!
 
American







PostPosted: Wed May 26, 2004 5:05 pm Reply with quote

You can download the files here: [ Only registered users can see links on this board! Get registered or login! ]
 
sixonetonoffun







PostPosted: Wed May 26, 2004 5:18 pm Reply with quote

In that case let me jump back in here Before each database query add this line. No one looks at this function much but its better to be safe here then sorry.
$username = check_html($username, nohtml);
I updated the post above to reflect that change.
 
American







PostPosted: Wed May 26, 2004 5:25 pm Reply with quote

Ok... uploaded to my site and tested.. .works fine. I uploaded it to the link above as well. Good to go.

BTW.. I have this on a 6.9 site and on a 7.1 site... both work fine.
 
doffer83
Worker
Worker



Joined: Apr 17, 2011
Posts: 117
Location: Amsterdam

PostPosted: Mon Feb 11, 2013 5:00 pm Reply with quote

please can you look at my code and check it what's wrong

Code:



function mail_password($username, $code) {
    global $sitename, $adminmail, $nukeurl, $user_prefix, $db, $module_name;
   $username = substr(htmlspecialchars(str_replace("\'", "'", trim($username))), 0, 25);
   $username = rtrim($username, "\\");   
   $username = str_replace("'", "\'", $username);       
    $sql = "SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username' OR user_email='$user_email'";
    $result = $db->sql_query($sql);
    if($db->sql_numrows($result) == 0) {
   include("header.php");
   OpenTable();
   echo "<center>"._SORRYNOUSERINFO."</center>";
   CloseTable();
   include("footer.php");
    } else {
      $host_name = $_SERVER['REMOTE_ADDR'];
   $row = $db->sql_fetchrow($result);
      $user_email = filter($row['user_email'], "nohtml");
   $user_password = $row['user_password'];
    $user_password = htmlspecialchars($user_password);   
   $areyou = substr($user_password, 0, 10);
   if ($areyou==$code) {
       $newpass=makepass();
       $message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL."  "._AWEBUSERFROM." $host_name "._HASREQUESTED."\r\n\r\n"._YOURNEWPASSWORD." $newpass\r\n\r\n "._YOUCANCHANGE." $nukeurl/modules.php?name=$module_name\r\n\r\n"._IFYOUDIDNOTASK."";
       $subject = ""._USERPASSWORD4." $username";
         $headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=windows-1256\n";
       mail($user_email, $subject, $message, "From: $adminmail\r\nX-Mailer: PHP/" . phpversion());
       /* Next step: add the new password to the database */
       $cryptpass = md5($newpass);
       $query = "UPDATE ".$user_prefix."_users SET user_password='$cryptpass' WHERE username='$username' OR user_email='$user_email'";
       if (!$db->sql_query($query)) {
          echo ""._UPDATEFAILED."";
       }
       include("header.php");
       OpenTable();
       echo "<center>"._PASSWORD4." $username "._MAILED."<br><br>"._GOBACK."</center>";
       CloseTable();
       include("footer.php");
   /* If no Code, send it */
   } else {
       $sql = "SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username'";
       $result = $db->sql_query($sql);
          if($db->sql_numrows($result) == 0) {
      include("header.php");
      OpenTable();
           echo "<center>"._SORRYNOUSERINFO."</center>";
      CloseTable();
      include("footer.php");
       } else {
            $host_name = $_SERVER['REMOTE_ADDR'];
         $row = $db->sql_fetchrow($result);
            $user_email = filter($row['user_email'], "nohtml");
         $user_password = $row['user_password'];
           $areyou = substr($user_password, 0, 10);
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/html; charset=windows-1256\n";
          $message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._CODEREQUESTED."\r\n\r\n"._YOURCODEIS." $areyou \r\n\r\n"._WITHTHISCODE." $nukeurl/modules.php?name=$module_name&op=pass_lost\r\n"._IFYOUDIDNOTASK2."";
   
   $subject=""._CODEFOR." $username";
      mail($user_email, $subject, $message, "From: $adminmail\r\nX-Mailer: PHP/" . phpversion());
      include("header.php");
      OpenTable();
      echo "<center>"._CODEFOR." $username "._MAILED."<br><br>"._GOBACK."</center>";
      CloseTable();
      include("footer.php");
           }      
   }
    }
}


I have tried the example and the present code.. but when I want recovery password by mail.. I get error no user founded

this is the form

Code:
OpenTable();

            echo "<table width=\"100%\" cellspacing=\"0\" cellpadding=\"5\" border=\"0\"><tr>";
            echo "<form action=\"modules.php?name=$module_name\" method=\"post\">\n";
            echo "<td colspan=\"2\"><img src=\"modules/$module_name/images/warning.png\" align=\"left\" width=\"40\" height=\"40\">";
            echo "<font class=\"content\"><b>"._PASSWORDLOST."</b> "._NOPROBLEM."</td></tr><tr><td width=\"100%\">";

            echo "<table border=\"0\">\n";
            echo "<tr><td align='right'>"._NICKNAME.":</td><td><input type=\"text\" name=\"username\" size=\"15\" maxlength=\"25\"></td></tr>\n";
            echo "<tr><td colspan='2' align='center'><b>--"._OR."--</b></td></tr>\n";
            echo "<tr><td align='right'>"._EMAIL.":</td><td><input type=\"text\" name=\"user_email\" size=\"15\" maxlength=\"50\"></td></tr>\n";
            echo "<tr><td>"._CONFIRMATIONCODE.":</td><td><input type=\"text\" name=\"code\" size=\"11\" maxlength=\"10\"></td></tr></table><br>\n";

            echo "</td><td valign=\"top\">";

            echo "<input type=\"hidden\" name=\"op\" value=\"mailpasswd\">\n";
            echo "<input type=\"submit\" value=\""._SENDPASSWORD."\"><br>\n";
// removed by menelaos dot hetnet dot nl
//          echo "<center><font class=\"content\">[ <a href=\"modules.php?name=$module_name\">"._USERLOGIN."</a> | <a href=\"modules.php?name=$module_name&op=new_user\">"._REGNEWUSER."</a> ]</font></center>\n";

            echo "</td></form></tr></table>";
            CloseTable();

_________________
We are sorry that Tony Soprano is dead, We wish Assad the Syrian maffia boss had died instead. RIP Tony 
View user's profile Send private message Visit poster's website
Guardian2003







PostPosted: Tue Feb 12, 2013 12:48 pm Reply with quote

Please don't hijack other peoples threads, it makes it really hard for those that use the search functions to find what they want, especially as this thread is about 8 years old and any information is probably obselete. Smile

I have no way to test that code because it's php-nuke stuff and I won't install it BUT I'm wondering if you are trying to get a password reset for an admin account? You cannot request a password reset for an admin account.
If that is not the case, put your code back how it was originally (If you have changed it) because this thread was for php-nuke 69 / 7.1 Turn error reporting on and see what error messages (if any) you get.
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> How To's

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©