We build. You grow.

Get best community software here

Start a social network, a fan-site, an education project with oxwall - free opensource community software

Get started
Google+

forgotten password not working for users | Forum

Topic location: Forum home » Support » General Questions
Richard Carr
Richard Carr Feb 2 '13
Hi 


It seems the forgot password option is not working for my website. It sends the e-mail but the links do not work.


The first link leads to an error saying Unfortunately you reset code is invalid or expired. Please follow the link and try to reset it again.


The manual code then is invalid if you try this option...


Anybody know hoe to fix this or if there is a way for admin to find user passwords to give it to them?

#1
Purusothaman Ramanujam
Purusothaman Ramanujam Feb 3 '13
Yes.. This is an issue with one of my client.

There is no way to find the user password as its encrypted in the database.
#2
Alia Team
Alia Feb 3 '13
Richard check following topics:

http://www.oxwall.org/forum/topic/7803 ;

http://www.oxwall.org/forum/topic/2495

In standard Oxwall installation passwords are vaild for 1 hour, giving that CRON is configured properly.

>>there is a way for admin to find user passwords to give it to them?

There is no way for admin to find out user's password.
But you can change the pass via database. Table you are looking for is called ow_base_user.
1. Create a test user yourself, remember his passwords. Let's say the passwords is "testpass".
2. Find your test user in ow_base_user table, copy  his hashed passwords value.
3. Find the user who forgot his pass in the same table, paste copied hash password's value.
Now the user who forgot the pass has a new pass "testpass". Send this password to him.



#3
Jobee Bendijo
Jobee Bendijo Apr 13 '14
Wow, what a chain of links that never seem to end.

Nevermind all of the above.
Here is the fix, plain and simple:


ow_system_plugins/base/bol/user_reset_password_dao.php


At line 104

$example->andFieldGreaterThan(self::EXPIRATION_TS, time());

to this

$example->andFieldGreaterThan(self::EXPIRATION_TS, time() + 3600);


3600 = 1hr


#4
ross Team
ross May 12 '14
Justin, can you please specify what have you indicated as a time value: 

$example->andFieldGreaterThan(self::EXPIRATION_TS, time());


in ow_system_plugins/base/bol/user_reset_password_dao.php


and how often have you tried to restore your password


Also what you have in ow_system_plugins/base/cron.php , here: 

  $this->addJob('deleteExpiredPasswordResetCodes', 10); Is it 10 or something else?

#5
Jobee Bendijo
Jobee Bendijo Jun 30 '14
Yep, now reset passwords don't work for my site anymore after I did the hack. Back where I started. 


Ross: $this->addJob('deleteExpiredPasswordResetCodes', 10);


Mine shows 10, should it be something else?

#6
ross Team
ross Jul 3 '14
What hack did you do?
#7
Jobee Bendijo
Jobee Bendijo Jul 10 '14
I did this, and it worked for a time, now it no longer works:


ow_system_plugins/base/bol/user_reset_password_dao.php


At line 104

$example->andFieldGreaterThan(self::EXPIRATION_TS, time());

to this

$example->andFieldGreaterThan(self::EXPIRATION_TS, time() + 3600);


3600 = 1hr

#8
Start | Demo | About | Policies & Licenses | Blog | Contact Us | Oxwall Foundation | Roadmap | Developer Central | Oxwall hosting | Contribute | Partners | Donation | Community software | Dating software
© Copyright Oxwall Software
Oxwall Community Software