We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Reset password codes not working (hacked code to solve it) [To test] | Forum

Juan
Juan Dec 14 '13
I found that users couldn't reset their passwords, getting 'invalid code' error after receiving the email message with the instructions.

After looking at the default table: ow_base_user_reset_password, I saw how entries got deleted right away after sending the email (I'm using SMTP, cron every minute, etc). So very strange behaviour... indeed the codes are invalid because by the time the mail is sent, the entry with the code is deleted.

So I hacked around and modified this file:

ow_system_plugins/base/bol/user_reset_password_dao.php

At the end of the file I modified:
$example->andFieldGreaterThan(self::EXPIRATION_TS, time());
by
$example->andFieldGreaterThan(self::EXPIRATION_TS, time() + 3600);

So I give a 1 hour (3600 secs) expiration time for codes instead of "just greater than current time"... and then my users could reset their passwords correctly at least within an hour of receiving their codes via email.

But this is a weird hack to do to get this to work... probably something strange on my setup/options/plugin order/whatever.

If this can help developers, I'm using Spanish language, config. date format (day/month/year) instead of default month/day/year and timezone / server time seems OK to me.

Regards,

Juan
The Forum post is edited by Juan Dec 18 '13
Omari
Omari Dec 14 '13
Thanks Juan i will try this
Alia Team
Alia Dec 16 '13
Hello Juan, thanks for the report.
We will look into this.
I dont know
I dont know Feb 20 '14
No it does not work


ross Team
ross Feb 27 '14
Kumar, what version of oxwall do you use?
UrbAn
UrbAn May 5 '14
Good move Juan,


That should be settable somewhere on the Admin panel.


UrbAn


UrbAn
UrbAn May 9 '14
Most people report that issue... it is critical.
ross Team
ross May 12 '14
Justin, can you please specify what have you indicated as a time value: 

$example->andFieldGreaterThan(self::EXPIRATION_TS, time());


in ow_system_plugins/base/bol/user_reset_password_dao.php


and how often have you tried to restore your password


Also what you have in ow_system_plugins/base/cron.php , here: 

  $this->addJob('deleteExpiredPasswordResetCodes', 10); Is it 10 or something else?