I found that users couldn't reset their passwords, getting an 'invalid code' error after receiving the email message with the instructions.
After looking at the default table: ow_base_user_reset_password, I saw how entries got deleted right away after sending the email (I'm using SMTP, cron every minute, etc). So very strange behaviour... indeed the codes are invalid because by the time the mail is sent, the entry with the code is deleted.
So I hacked around and modified this file:
ow_system_plugins/base/bol/user_reset_password_dao.php
At the end of the file I modified:
$example->andFieldGreaterThan(self::EXPIRATION_TS, time());
to
$example->andFieldGreaterThan(self::EXPIRATION_TS, time() + 3600);
So I give a 1 hour (3600 secs) expiration time for codes instead of "just greater than current time"... and then my users could reset their passwords correctly at least within an hour of receiving their codes via email.
But this is a weird hack to do to get this to work... probably something strange on my setup/options/plugin order/whatever.
If this can help developers, I'm using Spanish language, config. date format (day/month/year) instead of default month/day/year and timezone / server time seems OK to me.
Regards,
Juan
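
The symptom described in the post above can be modelled in a few lines. This is an added example, not Oxwall code and not from the poster: it assumes the edited condition selects the rows a cleanup job deletes (the post does not show the surrounding function) and a one-hour code lifetime, and every function name in it is hypothetical. It runs the post's two conditions and an expired-only cleanup against a freshly issued code, with redemption checking expiry on its own.

```php
<?php
// Added illustration, not Oxwall code. The array stands in for a reset-code
// table; names, lifetime and clock values are constructed assumptions.
const LIFETIME = 3600; // assumed code lifetime in seconds

function issueCode(array &$table, int $userId, int $now): string
{
    $code = bin2hex(random_bytes(16)); // unguessable code from a CSPRNG
    $table[$code] = ['userId' => $userId, 'expirationTs' => $now + LIFETIME];
    return $code;
}

// Correct cleanup: delete only rows whose expiration time has passed.
function purgeExpired(array &$table, int $now): void
{
    $table = array_filter($table, fn($row) => $row['expirationTs'] > $now);
}

// Cleanup whose delete condition is "expirationTs > now + offset":
// it removes rows that are still valid and keeps the expired ones.
function purgeGreaterThan(array &$table, int $now, int $offset = 0): void
{
    $table = array_filter($table, fn($row) => !($row['expirationTs'] > $now + $offset));
}

// Redemption checks expiry itself, so a stale row left behind by a faulty
// cleanup is still rejected, and a valid code is consumed on first use.
function redeem(array &$table, string $code, int $now): bool
{
    if (!isset($table[$code]) || $table[$code]['expirationTs'] <= $now) {
        return false;
    }
    unset($table[$code]);
    return true;
}

$now = 1700000000; // constructed clock value
$cases = [
    'delete where expiration > now' => fn(&$t, $at) => purgeGreaterThan($t, $at),
    'delete where expiration > now + 3600' => fn(&$t, $at) => purgeGreaterThan($t, $at, 3600),
    'delete where expiration <= now' => fn(&$t, $at) => purgeExpired($t, $at),
];
foreach ($cases as $label => $purge) {
    $table = [];
    $code = issueCode($table, 1, $now);
    $purge($table, $now + 60);                 // cron runs a minute after issue
    $ok = redeem($table, $code, $now + 120);   // user clicks the link
    echo $label, ': redeem ', $ok ? 'accepted' : 'rejected', "\n";
}
```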