|
Admin reset user password problem When a ReviewPost Administrator resets a user password, the user password is reset to a temporary password, and the user receives the following email: You just requested that your password be reset at XXXXXX. As you can see the new password field is blank, which then makes it rather hard for the user to log in with his/her new password. I checked to see if the new password really is a blank password, and it isn't - the user can't log in with a blank password. There seems to be a bug in the generation of the email such that the temporary password is not included in the email. Note that if a user uses the "forgot password" link to obtain a new temporary password then they correctly receive an email and it does contain the temporary password, and they can log in successfully with it. So this problem is limited only to the situation where an Admin resets a users password from the Admin screens using the Edit Users link. Thanks for your assistance. Matt PXL Graphics |
what version of the software are you using? Try downloading the build and upgrading sounds to me like an old bug I know we fixed. |
We first purchased and downloaded ReviewPost from the members download area on 29th September. According to the Admin Screen Database statistics we are using version 3.33. Thanks for your assistance Matt PXL Graphics |
I checked in the members area, and version 3.33 is the latest version of ReviewPost available to download, so this is not an old bug. |
Try in languages/english/emails.php this line Code: Content visible to verified customers only.Code: Content visible to verified customers only. |
That change resolved the problem. Thanks for your assistance. Matt PXL Graphics |
enjoy your day my friend let us know if you need anything else. |
Chuck - I've tried this patch on 3.3. It fixes the admin reset problem, but then the "Forgot Password" method comes back with a hex string. Is there a proper fix for both methods? Also, we noticed two users with the same email. Looks like "Edit Profile" does not check if a new email is already in use like registration does. Is there a fix for that, too? Thanks! |
Zig we are on version 5.0 I would suggest you check out the new code and see any fixes. |
I was afraid you might say that. How long has 5.0 been out? Where can I try it out without installing? When will 5.1 be ready? We didn't go live with 4.x, because we had too many issues with it. |
Zig Reviewpost 3.3 was released like 3.5 years ago so your many code branches behind. You can download the new code and compare the member.php files and check out differences but its hard for me to comment on software that is that outdated. |
Thanks for the suggestion. I think I have a fix for the password issue, but I would like to test 5.0 to see if I can get the same email address in two different user accounts from Edit Profile. Is there an instance of 5.0 I can try this on? |
You would need to setup some test environment I suppose to do whatever you are wanting to do. |
I think we will wait for 5.1. BTW, I was able to reuse an existing email address when editing a user profile in RP 4.04, resulting in two users with the same email address. Do you think that's a security issue, or do you think that's okay? |
I dont think there has ever been a check when editing a profile to check if emails are already used or not so not really an issue just not something that was ever coded in. Not something that would be hard to do in a future version. |
| All times are GMT -5. The time now is 05:34 AM. |
Powered by vBulletin® Version 3.8.1
Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.2.0