| Author |
Message |
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
 Posted:
Tue May 25, 2004 7:04 am |
 
|
Since one of my sites now has over 5000 users I am starting to receive quite a few "I lost my user ID" requests, which means I have to search my users table in the db for their email address to find the user ID so they can then use their ID for the Lost Password function.
Seems like I saw a mod for the lost password that would enable the user to use their email address to retrieve their ID and/or PW. I have searched high and low and can't seem to find it.
Actually, I would prefer that they have the option to use their ID if known or their email address if they have forgotten their ID.
Can anyone point me to a mod?
Thanks,
Brad |
|
|
|
|
Guardian2003
Site Admin
Joined: Aug 28, 2003
Posts: 6373
Location: Vsetin, Czech Republic
|
| Posted:
Tue May 25, 2004 5:05 pm |
|
Now that sounds like a very useful 'must have' to me! |
|
|
 
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Tue May 25, 2004 6:42 pm |
|
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 7:13 am |
|
| sixonetonoffun wrote: | | http://www.ravenphpscripts.com/modules.php?name=Your_Account&op=pass_lost |
What am I supposed to see there? It's just the normal lost pass page that is part of the Your Account module.
I had seen on one of the forums, nc I think, that Raven was going to write a module like this, since I don't see it in the downloads section here I guess it never happened. Or did it? |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed May 26, 2004 7:20 am |
|
I think there is one out floating somewhere.
| Quote: |
Seems like I saw a mod for the lost password that would enable the user to use their email address to retrieve their ID and/or PW. I have searched high and low and can't seem to find it.
|
Which is exacly what the lost password function does. But I'm guessing what you really want is an admin function that allows you to search by username and then resend the users password to the users original email address. |
|
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 7:38 am |
|
No... as I stated above:
| Quote: | | Actually, I would prefer that they have the option to use their ID if known or their email address if they have forgotten their ID. |
I want the user to be able to do it, if they don't know their user ID then they can't retrieve their password so first they need to retrieve their ID by using their email address. The lost pass page needs to have options for the user to enter their ID and/or their email address. |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed May 26, 2004 9:31 am |
|
In Your Account index.php
find
function mail_password($username, $code) {
go down to
$result = $db->sql_query("SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username'");
try this instead (I didn't test it so...)
$result = $db->sql_query("SELECT user_email, user_password FROM ".$user_prefix."_users WHERE username='$username' OR user_email='$username'");
Like I said I didn't test this to see if it works or breaks anything... I'd guess the form field may have to be extended slightly as the limit is 25 chars for nick. |
|
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 11:39 am |
|
I have this mod to detect bad usernames:
Forgotten Password - invalid user fix:
Around line 642
A simpler fix is to change this lineCode:
if(!$result) {
toCode:
if(!sql_num_rows($result)) {
Sooo. as a result if you enter an invalid/unrecognized user ID it will now tell you.
I added your suggested code and the system SEEMS to recognize the email address as it doesn't give me an unrecognized user ID warning but no email is received.
I wonder though... even if this does work will it only send the user's password and email? A lost pass email states:
The user account 'USERNAME' at YOUR NUKESITE has this email associated with it. A Web user from 24.1.xx.xx has just requested a Confirmation Code to change the password.
Your Confirmation Code is: eoo98303zI
--Now, if the email will still send the username in the first paragragh and not just parrot back the email address given then this will work ok.
If not, then I will really need it to FIRST send them their ID as they will need it anyway THEN they can use the normal lost password function. What I am thinking is adding another table to the right or below with a 'If you have lost or forgotten your User ID then enter your email address associate with your ID and we will send you your ID via email. You will then be able to retrieve your password.' ... or something like that.
If we can just get it to send an email to see what it will spit out then I will be able to tell if this will work ok. I have a feeling it might just do the trick.
Ideas? |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed May 26, 2004 2:43 pm |
|
Try this the username should be showing up.
| Code: | function mail_password($username, $code) {
global $sitename, $adminmail, $nukeurl, $user_prefix, $db, $module_name;
$username = check_html($username, nohtml);
$result = $db->sql_query("SELECT user_email, user_password, username FROM ".$user_prefix."_users WHERE username='$username' OR user_email='$username'");
if(!$result) {
include("header.php");
OpenTable();
echo "<center>"._SORRYNOUSERINFO."</center>";
CloseTable();
include("footer.php");
} else {
$host_name = $_SERVER["REMOTE_ADDR"];
$row = $db->sql_fetchrow($result);
$user_email = $row['user_email'];
$user_password = $row['user_password'];
$areyou = substr($user_password, 0, 10);
$username = $row['username'];
if ($areyou==$code) {
$newpass=makepass();
$message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._HASREQUESTED."\n\n"._YOURNEWPASSWORD." $newpass\n\n "._YOUCANCHANGE." $nukeurl/modules.php?name=$module_name\n\n"._IFYOUDIDNOTASK."";
$subject = ""._USERPASSWORD4." $username";
mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
/* Next step: add the new password to the database */
$cryptpass = md5($newpass);
$query = "UPDATE ".$user_prefix."_users SET user_password='$cryptpass' WHERE username='$username' OR user_email='$username'";
if (!$db->sql_query($query)) {
echo ""._UPDATEFAILED."";
}
include ("header.php");
OpenTable();
echo "<center>"._PASSWORD4." $username "._MAILED."<br><br>"._GOBACK."</center>";
CloseTable();
include ("footer.php");
/* If no Code, send it */
} else {
$username = check_html($username, nohtml);
$result2 = $db->sql_query("SELECT user_email, user_password, username FROM ".$user_prefix."_users WHERE username='$username'");
if(!$result2) {
include ("header.php");
OpenTable();
echo "<center>"._SORRYNOUSERINFO."</center>";
CloseTable();
include ("footer.php");
} else {
$host_name = $_SERVER["REMOTE_ADDR"];
$row2 = $db->sql_fetchrow($result2);
$user_email = $row2['user_email'];
$user_password = $row2['user_password'];
$areyou = substr($user_password, 0, 10);
$username = $row2['username'];
$message = ""._USERACCOUNT." '$username' "._AT." $sitename "._HASTHISEMAIL." "._AWEBUSERFROM." $host_name "._CODEREQUESTED."\n\n"._YOURCODEIS." $areyou \n\n"._WITHTHISCODE." $nukeurl/modules.php?name=$module_name&op=pass_lost\n"._IFYOUDIDNOTASK2."";
$subject=""._CODEFOR." $username";
mail($user_email, $subject, $message, "From: $adminmail\nX-Mailer: PHP/" . phpversion());
include ("header.php");
OpenTable();
echo "<center>"._CODEFOR." $username "._MAILED."<br><br>"._GOBACK."</center>";
CloseTable();
include ("footer.php");
}
}
}
}
|
|
Last edited by sixonetonoffun on Wed May 26, 2004 5:19 pm; edited 1 time in total |
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 4:02 pm |
|
BRAVO! Got the email and it has the user ID in the subject and body. Now all I have to do is change up the language file a bit with new instuctions and I'm done.
sixonetonoffun .. YOU DA MAN!
One of us needs to add the mod for the invalid user code plus what you have added here and make it available on a few of the sites. |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed May 26, 2004 4:49 pm |
|
Naw pretty basic stuff there. Feel free to add alter distribute. Check back later I have one more addition I just wanna check it with CS or Raven first. (Not functional just another check). |
|
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 4:56 pm |
|
Basic if your a php coder... which I am not. I modified/cleaned up the english language files in /modules/Your_Account/language and in the 'root' language folder (changed nickname to User ID and Lost Password to Lost ID or Password) then updated my FAQ section. No more 'I lost my user ID' emails for me to track down! 
I may post a link to my updated language and index.php files here and at NC.
Thanks again! |
|
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 5:05 pm |
|
You can download the files here: |
|
|
|
|
|
sixonetonoffun
Spouse Contemplates Divorce
Joined: Jan 02, 2003
Posts: 2499
|
| Posted:
Wed May 26, 2004 5:18 pm |
|
In that case let me jump back in here Before each database query add this line. No one looks at this function much but its better to be safe here then sorry.
$username = check_html($username, nohtml);
I updated the post above to reflect that change. |
|
|
|
|
|
American
New Member
Joined: Mar 14, 2004
Posts: 10
|
| Posted:
Wed May 26, 2004 5:25 pm |
|
Ok... uploaded to my site and tested.. .works fine. I uploaded it to the link above as well. Good to go.
BTW.. I have this on a 6.9 site and on a 7.1 site... both work fine. |
|
|
|
|
|
|
|
|
|
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
