Bug #22181
closed
Forgot Password link not working in felogin
0%
Description
When clicking on the forgot password link, the title Forgot Password? appears along with the filed to enter the Email address. Clicking on the Reset Password button does not change the page, it just comes back to the status with the Forgot Password? title, the field for entering the Email address, and the Reset Password button. The email is never sent.
I spent some time trying to figure this out and fix the problem myself, but did not succeed so far. I was able to deliberately force sending the Email with a hack to [if ($postedHash === $hashData['forgothash'])] and the Email was sent just fine, but this was not the solution by any means.
I have the latest WEC 4.3.1 package installed: wec_starter_install-4_3_1-1_0_0. I thought I may have messed something up with some bad Typoscript so set up a second test site with a brand new WEC installation and it has the same problem.
I have not figured out how this script is supposed to work exactly, but I am wondering if there is some confusion between the use of forgothash and forgot_hash.
Any help would be greatly appreciated!
(issue imported from #M13652)
Files
Updated by Mario Näther about 14 years ago
add this line to the ###FORGOT_FORM### Subpart in your HTML-Template
<input type="hidden" name="tx_felogin_pi1[forgot_hash]" value="###FORGOTHASH###" />
Updated by Ken Hanson about 14 years ago
I tried this:
add this line to the ###FORGOT_FORM### Subpart in your HTML-Template
<input type="hidden" name="tx_felogin_pi1[forgot_hash]" value="###FORGOTHASH###" />
...and it still appears to have the same behavior. I have attached the new modified template file.
Updated by Ken Hanson about 14 years ago
Oh I see you attached felogin.tmpl.html. This did not work either. The behavior appears to be the same.
Updated by Mario Näther about 14 years ago
I use TYPO3 4.3.2 and it works fine... without any changes in felogin plugin....
A notice: The hidden forgot_hash field is twice at the "template.html " template file!
Updated by Ken Hanson about 14 years ago
Thanks for the note about the duplicated hidden field, I need to pay better attention.
I tried the felogin from 4.3.2, same problem. It still uses felogin version 1.3.0. Perhaps my Web hosting does not have all of the required components installed. It must be working fine for everyone else because no one else is complaining. I downgraded my felogin extension version down to 1.0.0 (not recommended, I am not aware of the consequences) and it temporarily solves my problem until I find the real fix.
Can anyone tell me if there are any known security or compatibility issues when running felogin 1.0.0 on Typo3 4.3.1? It seems to be functioning correctly.
Updated by Ken Hanson about 14 years ago
I have attached my phpinfo genereated from my Web server. As far as I can see it has all of the required components. I cannot see that it would be a Typo3 configuration problem when a brand new WEC install had the same problem. I guess I am going to have to step through class.tx_felogin_pi1.php again and determine the exact point of failure.
Could someone tell me each step in how the forgot password process normally flows for version 1.3.0? This will help me greatly.
Updated by Felix Nagel about 14 years ago
I can confirm this problem. Updated one of our installation from 4.2.x to 4.3.2, FeLogin version is 1.3.0.
Did you found out some solution? I will try to locate the error myself, but some hint where to start / take a look would be very useful.
Updated by Ken Hanson about 14 years ago
Sorry it took me so long to respond. No I did not find a solution, and I did not revisit stepping through the script yet. I am hoping someone will be able to explain the correctly working process or tell me where to find it because it will help me find the problem much easier. Unfortunately the felogin 1.3.0 code is not thoroughly commented. The temporary workaround using felogin 1.0.0 is working without any issues so far. I am currently trying to finish up a huge project and I will revisit this later.
Here is the path to the script to get started: typo3/sysext/felogin/pi1/class.tx_felogin_pi1.php
Updated by Simplicity GmbH about 14 years ago
I had the same problem - the forgot password feature did not work.
We have md5 passwords enabled (Ext: kb_md5fepw). I found a bugfix in a forum which worked for me.
/typo3_src-4.3.2/typo3/sysext/felogin/pi1/class.tx_felogin_pi1.php
At line 269 change:
$newPass = $postData['password1'];
to
$newPass = t3lib_extMgm::isLoaded('kb_md5fepw')?md5($postData['password1']):$postData['password1'];
Updated by Mario Näther about 14 years ago
do not use the "kb_md5fepw" with TYPO 3 4.3 !
I have installed:
TYPO3 4.3.2
felogin 1.3
rsaauth 1.0
saltedpasswords 1.0
without "kb_md5fepw" Extension
add this line to localconf.php !?
$TYPO3_CONF_VARS['FE']['loginSecurityLevel'] = 'rsa';
this configuration works fine by me
Updated by Erik Sokoll almost 14 years ago
Here in our installation without kb_md5fepw the localisation and sending of a new password does not work at all.
TYPO3 4.3.3
felogin 1.3.0
Moreover:
sr_feuser_register 2.5.25
...but this has nothing to do about this issue.
[UPDATE] Well I probably should remark that we updatetd from TYPO3 4.3.x to 4.3.3 so I had to use the new template.html.
Updated by Dennis Shewmaker over 13 years ago
For other people that have this issue.
1. I had this issue and it was fixed by using the new template under:
typo3/sysext/felogin/template.html
And then redoing the formatting.
Make sure you edit the felogin template and not sr_feuser_register template.
2. Go into the extension manager and then felogin. Make sure you have the hashing field added in the database and update the database if necessary.
This issue does not appear to be an open issue if you do the 2 steps above.
Updated by Dmitry Dulepov over 12 years ago
- Status changed from New to Closed
- Target version deleted (
0) - TYPO3 Version set to 4.7
Not a bug but a wrong template on the user's side.