Guest Posted January 10, 2010 Posted January 10, 2010 Hi, I have been getting a number of emails from customer complaining that the new password they’re sent by forgotten password function is not working. I tested the function myself using a test account and this is what I found: On the forgotten password page I enter my email address in the box and click continue, the site then redirects me to “account/login.html” and says new password has been sent, which is correct (see screenshots below). I retrieve the new password and type it in along with my email address on the “account/login.html” page (as this is where the site redirected me when I clicked contuine on the forgotten password page) and click the sign in button. The site then redirects me back to “password_forgotten.php?action=process” and says: "Error: The E-Mail Address was not found in our records, please try again." even though the password was correct this proven by the fact that it has logged me in, as you can see from the login box in the right column (see screen shot below). If I change the process slightly it works i.e if I retrieve the new password and then login at “account/login.html” by clicking on the link from the homepage the there is no error messages it logs me in no problem and redirects me to My Account Information page. Anyone know what is causing this issue? I would post some code but I’m not sure which file is causing the problem login or forgotten password or something else? Any help would be appreciated. Thanks.
Guest Posted January 15, 2010 Posted January 15, 2010 Still got this problem. It seems to be redirecting to forgotten password with the url "password_forgotten.php?action=process" when the new (correct)password is entered and I don;t know why. :angry: Here is my password_forgotten.php file, can you see what is causing this issue? <?php /* $Id: password_forgotten.php,v 1.50 2003/06/05 23:28:24 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_PASSWORD_FORGOTTEN); if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']); $check_customer_query = tep_db_query("select customers_firstname, customers_lastname, customers_password, customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'"); if (tep_db_num_rows($check_customer_query)) { $check_customer = tep_db_fetch_array($check_customer_query); $new_password = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH); $crypted_password = tep_encrypt_password($new_password); tep_db_query("update " . TABLE_CUSTOMERS . " set customers_password = '" . tep_db_input($crypted_password) . "' where customers_id = '" . (int)$check_customer['customers_id'] . "'"); tep_mail($check_customer['customers_firstname'] . ' ' . $check_customer['customers_lastname'], $email_address, EMAIL_PASSWORD_REMINDER_SUBJECT, sprintf(EMAIL_PASSWORD_REMINDER_BODY, $new_password), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); $messageStack->add_session('login', SUCCESS_PASSWORD_SENT, 'success'); tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL')); } else { $messageStack->add('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND); } } $breadcrumb->add(NAVBAR_TITLE_1, tep_href_link(FILENAME_LOGIN, '', 'SSL')); $breadcrumb->add(NAVBAR_TITLE_2, tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL')); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('password_forgotten', tep_href_link(FILENAME_PASSWORD_FORGOTTEN, 'action=process', 'SSL')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php echo mws_header ('Reset your password'); ?> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('password_forgotten') > 0) { ?> <tr> <td><?php echo $messageStack->output('password_forgotten'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } ?> <tr> <td><table border="0" width="100%" height="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" height="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main" colspan="2"><?php echo TEXT_MAIN; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main"><?php echo '<b>' . ENTRY_EMAIL_ADDRESS . '</b> ' . tep_draw_input_field('email_address'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td><?php echo '<a href="' . tep_href_link(FILENAME_LOGIN, '', 'SSL') . '">' . tep_image_button('button_back.gif', IMAGE_BUTTON_BACK) . '</a>'; ?></td> <td align="right"><?php echo tep_image_submit('button_continue.gif', IMAGE_BUTTON_CONTINUE); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> <?php echo mws_footer (''); ?> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?>
Jan Zonjee Posted January 15, 2010 Posted January 15, 2010 Still got this problem. It seems to be redirecting to forgotten password with the url "password_forgotten.php?action=process" when the new (correct)password is entered and I don;t know why. Your code is not significantly different than the regular password_forgotten file that comes with osC. Of course the form sends the page to the php page and not the page with the .html extension. So my guess is somewhere in the redirect the entries in the forms get lost. <td width="100%" valign="top"><?php echo tep_draw_form('password_forgotten', tep_href_link(FILENAME_PASSWORD_FORGOTTEN, 'action=process', 'SSL')); ?> I'm not sure if changing the link to tep_href_link('login.html', 'action=process', 'SSL') will help.
Guest Posted January 15, 2010 Posted January 15, 2010 Thanks or the reply Jan. Unfortunately it didn’t work, resulted in a 404 error when I clicked the continue button on the forgotten password page. I don’t think its a problem with the urls as I have a test site running a mirror of the live site but with standard URLs (i.e with no .htmls) and the forgotten password function doesn't work correctly in exactly the same way.
Jan Zonjee Posted January 16, 2010 Posted January 16, 2010 Unfortunately it didn’t work, resulted in a 404 error when I clicked the continue button on the forgotten password page. I wanted to suggest changing the link to tep_href_link('password_forgotten.html', 'action=process', 'SSL') [must have been too late for me already] but on re-reading your posts (a couple of times) I think the problem is not in the password forgotten page but in the login.php page. If you view the HTML source of the page does the login.php page have login.php as the page in the form tag: <!-- body_text //--> <td width="100%" valign="top"><form name="login" action="http://your_site/login.php?action=process" method="post"><table border="0" width="100%" cellspacing="0" cellpadding="0"> It sounds as if the action contains the password_forgotten.php page. Perhaps it might be an HTML issue otherwise? What if you remove the link to that page in the form (comment out the echo): <td class="smallText" colspan="2"><?php // echo '<a href="' . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a>'; ?></td>
satish Posted January 16, 2010 Posted January 16, 2010 Is there a chance that You modified Your login page. Paste Your login page Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
ozEworks Posted January 17, 2010 Posted January 17, 2010 I might be completely off target here but if they get the new password in their email and the site is not accepting it then it might be as simple as osCommerce's habit of using spaces as part of the password. Sure the new password does not start with a space?
Guest Posted January 17, 2010 Posted January 17, 2010 Hi Jan, I commented out the line of code below in login.php and it resulted in me being redirected back to the homepage (index) when I clicked continue on password_forgotten.php. <td class="smallText" colspan="2"><?php // echo '<a href="' . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a>'; ?></td> Is there a chance that You modified Your login page. Paste Your login page Satish Hi Satish, I have done small changes all cosmetic I think, oh and added purchase without account conrtib. My login.php file is below: <?php /* $Id: login.php,v 1.80 2003/06/05 23:28:24 hpdl Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2003 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); // redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled (or the session has not started) if ($session_started == false) { tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE)); } require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_LOGIN); $error = false; // Begin PWA if($HTTP_GET_VARS['login'] == 'fail') { $fail_reason = (!empty($HTTP_GET_VARS['reason'])) ? urldecode($HTTP_GET_VARS['reason']): TEXT_LOGIN_ERROR; $messageStack->add('login', $fail_reason); } // end PWA if (isset($HTTP_GET_VARS['action']) && ($HTTP_GET_VARS['action'] == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']); $password = tep_db_prepare_input($HTTP_POST_VARS['password']); // Check if email exists $check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'"); if (!tep_db_num_rows($check_customer_query)) { $error = true; } else { $check_customer = tep_db_fetch_array($check_customer_query); // Check that password is good if (!tep_validate_password($password, $check_customer['customers_password'])) { $error = true; } else { if (SESSION_RECREATE == 'True') { tep_session_recreate(); } $check_country_query = tep_db_query("select entry_country_id, entry_zone_id from " . TABLE_ADDRESS_BOOK . " where customers_id = '" . (int)$check_customer['customers_id'] . "' and address_book_id = '" . (int)$check_customer['customers_default_address_id'] . "'"); $check_country = tep_db_fetch_array($check_country_query); $customer_id = $check_customer['customers_id']; $customer_default_address_id = $check_customer['customers_default_address_id']; $customer_first_name = $check_customer['customers_firstname']; $customer_country_id = $check_country['entry_country_id']; $customer_zone_id = $check_country['entry_zone_id']; tep_session_register('customer_id'); tep_session_register('customer_default_address_id'); tep_session_register('customer_first_name'); tep_session_register('customer_country_id'); tep_session_register('customer_zone_id'); tep_db_query("update " . TABLE_CUSTOMERS_INFO . " set customers_info_date_of_last_logon = now(), customers_info_number_of_logons = customers_info_number_of_logons+1 where customers_info_id = '" . (int)$customer_id . "'"); // restore cart contents $cart_customers_query = tep_db_query("select customers_id from " . TABLE_CUSTOMERS_BASKET . " where customers_basket_date_added != " . date('Ymd')); while ($cart_customers_ids = tep_db_fetch_array($cart_customers_query)) { tep_db_query("delete from " . TABLE_CUSTOMERS_BASKET_ATTRIBUTES . " where customers_id = " . $cart_customers_ids['customers_id']); } tep_db_query("delete from " . TABLE_CUSTOMERS_BASKET . " where customers_basket_date_added < " . date('Ymd')); $cart->restore_contents(); if (sizeof($navigation->snapshot) > 0) { $origin_href = tep_href_link($navigation->snapshot['page'], tep_array_to_string($navigation->snapshot['get'], array(tep_session_name())), $navigation->snapshot['mode']); $navigation->clear_snapshot(); tep_redirect($origin_href); } else { tep_redirect(tep_href_link(FILENAME_DEFAULT)); } } } } if ($error == true) { $messageStack->add('login', TEXT_LOGIN_ERROR); } $breadcrumb->add(NAVBAR_TITLE, tep_href_link(FILENAME_LOGIN, '', 'SSL')); ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <link rel="stylesheet" type="text/css" href="stylesheet.css"> <script language="javascript"><!-- function session_win() { window.open("<?php echo tep_href_link(FILENAME_INFO_SHOPPING_CART); ?>","info_shopping_cart","height=460,width=430,toolbar=no,statusbar=no,scrollbars=yes").focus(); } //--></script> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="0"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="0"> <!-- left_navigation //--> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><?php echo tep_draw_form('login', tep_href_link(FILENAME_LOGIN, 'action=process', 'SSL')); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE; ?></td> <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_login.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('login') > 0) { ?> <tr> <td><?php echo $messageStack->output('login'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } if ($cart->count_contents() > 0) { ?> <tr> <td class="smallText"><?php echo TEXT_VISITORS_CART; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } ?> <?php echo mws_header ('Create or login to your account'); ?> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main" width="50%" valign="top"><b><?php echo HEADING_NEW_CUSTOMER; ?></b></td> <td class="main" width="50%" valign="top"><b><?php echo HEADING_RETURNING_CUSTOMER; ?></b></td> </tr> <tr> <td width="50%" height="100%" valign="top"><table border="0" width="100%" height="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" height="100%" cellspacing="0" cellpadding="2"> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main" valign="top"><?php echo TEXT_NEW_CUSTOMER . '<br><br>' . TEXT_NEW_CUSTOMER_INTRODUCTION; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> </table></td> <td width="50%" height="100%" valign="top"><table border="0" width="100%" height="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" height="100%" cellspacing="0" cellpadding="2"> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main" colspan="2"><?php echo TEXT_RETURNING_CUSTOMER; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td> <td class="main"><?php echo tep_draw_input_field('email_address'); ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_PASSWORD; ?></b></td> <td class="main"><?php echo tep_draw_password_field('password'); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="smallText" colspan="2"><?php echo '<a href="' . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a>'; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo tep_image_submit('button_login.gif', IMAGE_BUTTON_LOGIN); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> </table></td> </tr> </table></td> </tr> <?php echo mws_footer (''); ?> </td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <!-- this is where PWA mods begin --> <?php if (PWA_ON == 'true') { if (($cart->count_contents() > 0) && (!isset($HTTP_GET_VARS['my_account_f']) || $HTTP_GET_VARS['my_account_f'] !=1)) // only display of box if something in cart { ?> <!-- this for PWA --> <?php echo mws_header ('If you don\'t want an account...'); ?> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <td> <tr> <td class="infoboxHeading"> <?php echo HEADING_CHECKOUT; ?> </td></tr> <tr> <td width="100%" class="main" colspan="3"><?php echo TEXT_CHECKOUT_INTRODUCTION; ?></td> </tr> <tr> <td width="100%" class="main" colspan="3"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_ORDER_INFO, '', 'SSL') . '">' . tep_image_button('button_checkout.gif', IMAGE_BUTTON_CHECKOUT) . '</a>'; ?> </td> </tr> </td> </tr> </table> </TD></tr> <?php echo mws_footer (''); ?> <?php } ?> <!-- this is the end of the PWA code for this column --> <?php } else { if (PWA_ON == 'false') ?> <tr> <td class="main" width="50%" valign="top"><b><?php echo HEADING_NEW_CUSTOMER; ?></b></td> <td class="main" width="50%" valign="top"><b><?php echo HEADING_RETURNING_CUSTOMER; ?></b></td> </tr> <tr> <td width="50%" height="100%" valign="top"><table border="0" width="100%" height="100%" cellspacing="1" cellpadding="0" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" height="100%" cellspacing="0" cellpadding="0"> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main" valign="top"><?php echo TEXT_NEW_CUSTOMER . '<br><br>' . TEXT_NEW_CUSTOMER_INTRODUCTION; ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CREATE_ACCOUNT, '', 'SSL') . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> </table></td> <td width="50%" height="100%" valign="top"><table border="0" width="100%" height="100%" cellspacing="1" cellpadding="0" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" height="100%" cellspacing="0" cellpadding="0"> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main" colspan="2"><?php echo TEXT_RETURNING_CUSTOMER; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td> <td class="main"><?php echo tep_draw_input_field('email_address'); ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_PASSWORD; ?></b></td> <td class="main"><?php echo tep_draw_password_field('password'); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="smallText" colspan="2"><?php echo '<a href="' . tep_href_link(FILENAME_PASSWORD_FORGOTTEN, '', 'SSL') . '">' . TEXT_PASSWORD_FORGOTTEN . '</a>'; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> <td align="right"><?php echo tep_image_submit('button_login.gif', IMAGE_BUTTON_LOGIN); ?></td> <td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td> </tr> </table></td> </tr> </table></td> </tr> </table></td> </tr> <?php } ?> <!-- this is where PWA mods end --> </td> </tr> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> I might be completely off target here but if they get the new password in their email and the site is not accepting it then it might be as simple as osCommerce's habit of using spaces as part of the password. Sure the new password does not start with a space? The site is logging the customer in just fine, but it's giving a false error message saying "email address not found in our records". Its funny cos what you said is exactly the same thing I was telling the customers when they first started emailing me complaining (until I tested myself). LOL, DOH!
satish Posted January 17, 2010 Posted January 17, 2010 if (isset($HTTP_GET_VARS ) && ($HTTP_GET_VARS == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS ); $password = tep_db_prepare_input($HTTP_POST_VARS ); this part from PWA appears to be incorrect. Something is missing. Check PWA contrib and make sure that You have applied proper changes. Satish Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
Guest Posted January 17, 2010 Posted January 17, 2010 if (isset($HTTP_GET_VARS ) && ($HTTP_GET_VARS == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS ); $password = tep_db_prepare_input($HTTP_POST_VARS ); this part from PWA appears to be incorrect. Something is missing. Check PWA contrib and make sure that You have applied proper changes. Satish I installed PWA years ago but I tracked down which verison I installed and it all seems present and correct. It is Version 0.910. What appears incorrect about it? I can't find the code you quoted in my login.php: :unsure: if (isset($HTTP_GET_VARS ) && ($HTTP_GET_VARS == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS ); $password = tep_db_prepare_input($HTTP_POST_VARS );
Jan Zonjee Posted January 17, 2010 Posted January 17, 2010 What appears incorrect about it? I can't find the code you quoted in my login.php: :unsure: I haven't compared your version against the one from the contribution but there seem to be two input fields with email_address as name. One in the "regular" osC code on line 204 and one in a code block that is shown if (PWA_ON == 'false') (line 297) on line 343. If there are two input fields with the same name I believe only the last one is used by code. Coming from password_forgotten to that page I can imagine this was not foreseen by the contributors to PWA and things go wrong there.
satish Posted January 18, 2010 Posted January 18, 2010 if (isset($HTTP_GET_VARS ) && ($HTTP_GET_VARS == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS ); $password = tep_db_prepare_input($HTTP_POST_VARS ); if You look at the above code there is tep_db_prepare_input($HTTP_POST_VARS ); and not tep_db_prepare_input($HTTP_POST_VARS['email_address']); this is what should have been. Also if email_address input field twice then there will be problem as stated by Jan Zonjee $email_address = tep_db_prepare_input($HTTP_POST_VARS['email_address']); $password = tep_db_prepare_input($HTTP_POST_VARS['password']); Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
satish Posted January 18, 2010 Posted January 18, 2010 if (isset($HTTP_GET_VARS ) && ($HTTP_GET_VARS == 'process')) { $email_address = tep_db_prepare_input($HTTP_POST_VARS ); $password = tep_db_prepare_input($HTTP_POST_VARS ); The other day I found this code part in thread today I dont see this.Do U have another thread. Ask/Skype for Free osCommerce value addon/SEO suggestion tips for your site. Check My About US For who am I and what My company does.
Guest Posted January 18, 2010 Posted January 18, 2010 I haven't compared your version against the one from the contribution but there seem to be two input fields with email_address as name. One in the "regular" osC code on line 204 and one in a code block that is shown if (PWA_ON == 'false') (line 297) on line 343. If there are two input fields with the same name I believe only the last one is used by code. Coming from password_forgotten to that page I can imagine this was not foreseen by the contributors to PWA and things go wrong there. I have commented out the second occurrence of the input fields for email address and password and the same problem exists. i.e giving the false error message. This is the code I changed. (I also tried to change the first occurrence but this resulted in the text input boxes not appearing on the page). <tr> <td class="main"><b><?php echo ENTRY_EMAIL_ADDRESS; ?></b></td> <td class="main"><?php echo tep_draw_input_field('email_address'); ?></td> </tr> <tr> <td class="main"><b><?php echo ENTRY_PASSWORD; ?></b></td> <td class="main"><?php echo tep_draw_password_field('password'); ?></td> </tr> to this: <tr> <td class="main"><b><?php // echo ENTRY_EMAIL_ADDRESS; ?></b></td> <td class="main"><?php // echo tep_draw_input_field('email_address'); ?></td> </tr> <tr> <td class="main"><b><?php // echo ENTRY_PASSWORD; ?></b></td> <td class="main"><?php // echo tep_draw_password_field('password'); ?></td> </tr> Is this what you meant Jan or something else?
Guest Posted January 19, 2010 Posted January 19, 2010 Still haven't cracked this. :angry: I have tried uploading a standard oscommerce login.php to my site and the same thing happens, logs in but redirects back to "password_forgotten.php?action=process" and says Error: The E-Mail Address was not found in our records, please try again. Does this mean its not a problem with the login.php file? I have also tried uploading a standard version of the password_forgotten.php file and it produces the same behavior. If these two files are not the cause the problem what else could it be? Any suggestions welcome.
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.