Jump to content
  • Checkout
  • Login
  • Get in touch


The e-commerce.

[Contribution] Admin Send New Password V1


Recommended Posts

Written for osCommerce v2.2MS1/CVS

(not tested with other versions but, should

be compatible)


This mod enables the administrator to send a customer a new password.

It works like forgotten password in the customer catalog -

but this is just to save explaining to the customer how to get a new password!


Time to install : 5mins



Link to comment
Share on other sites

I am still working on the graphics for this mod and struggling!!


Dose anybody know where I can get the PSD template for the XP style button in Admin becuase at the minute this mod only has a text link!


Also - This would come in handy for my other mods...




Link to comment
Share on other sites



I have already include several contributions, but for this one I?am too stupid ;)


What I have to do with the password_forgotten.php file ?

The readme says, I have only to add them in file in the admin directory, but where ?


Or do I have to replace the file with the one out of the zip ?


Then I get this error

Fatal error: Cannot redeclare tep_encrypt_password() in /var/www/.../shop/admin/includes/functions/password_funcs.php on line 33



Can somebody helps me please, or send me his password_forgotten.php file to Andreas.Hannig@gmx.de ?



Thank you



Link to comment
Share on other sites

Which OSC Version are you using?


Also - the password_forgotten.php file from the zip just simply needs to be placed in the admin directory - there should be no file already there with this name!!



Link to comment
Share on other sites

Hello Warren,


sorry I forgot, I use MS1.

I haven?t remembered that I have installed the "Admin Account with Access Level", thats why I have already a password_forgotten.php file.


The Best way is to code around, that it should use for exampe a file named "password_user_forgotten.php" - but the error exists then too.






Link to comment
Share on other sites



I coded it now, that it uses the FILENAME of the application_top, not a hardcoded one.


But I don?t know how the solve the error:

The code in password_funcs.php is:

// This funstion validates a plain text password with an

// encrpyted password

 function tep_validate_password($plain, $encrypted) {

   if (tep_not_null($plain) && tep_not_null($encrypted)) {

// split apart the hash / salt

     $stack = explode(':', $encrypted);

     if (sizeof($stack) != 2) return false;

     if (md5($stack[1] . $plain) == $stack[0]) {

       return true;



   return false;



// This function makes a new password from a plaintext password. 

 function tep_encrypt_password($plain) {

   $password = '';

   for ($i=0; $i<10; $i++) {

     $password .= tep_rand();


   $salt = substr(md5($password), 0, 2);

   $password = md5($salt . $plain) . ':' . $salt;

   return $password;




But this is the code from only the admin level contribution, where is the code form this password_forgotten contribution?


The default MS1 doesn?t have the password_funcs.php file, but the password_forgotten contribution needs it. In the readme of it, there is nothing how I have to create them. So I can?t compare the two needed version and get it together.






Link to comment
Share on other sites

OK - Andreas - Seems you are the onlyone having probs - I use the admin levels myself!!


Anyway to fix YOURSELF up - Download the flowing file and use that as your password_forgotten.php in admin. (Remember to rename to ".php" instead of ".php.txt")




Download TXT Here

Link to comment
Share on other sites

Hello Warren,


thank you, its running now. The only differnce was that you leave out the function "tep_encrypt_password" in password_forgotten.php file.


Thats why it was redeclared and i don?t noticed it.


You separated the password_forgotten.php file too, or ? Otherwise it wouldn?t work, to get the password mailed, if I don?t know my admin login any more.






Link to comment
Share on other sites

  • 1 year later...

I really like this contribution. I have a question about it though. The admin sends the user a new password. The user can log into their account with this new password. However, when the user goes to their account to change their new password to something they'll remember. Before the user can change the password, the system will not allow them to use the new password. It wants the one that they had before you sent them another one. More than likely the person doesn't know that password or you wouldn't of had to send them another one. This is what happened when I tested the contribution.


Maybe I did something wrong. But I just thought I would leave you guys with something to think about.

Link to comment
Share on other sites

  • 4 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Create New...