Forgotten password email problem (General)

by Auge, Monday, November 16, 2009, 00:44 (5277 days ago) @ Mark Watson

Hello

CAN'T ANYONE HELP?

Yes, everyone (except Alex) can't help. (wrong negotiation?)

... but, that is not true.

I think I know the code which causes the error. All facts are based on mlf 2.1.1.

The facts:

  • generate a random string, a SHA1-hash based on the random string and push these data into the database and via email to the user
  • get back a request from the link in the email, make a comparison of the hashed code from the database and the random string from the email (URL-parameter code), if the comparison is successful send a second email with the now generated password (at this point the error occurs!)
  • log in with the data from the second email

There is a difference between the ways the two emails are sent. The first one is sent via the function my_mail (includes/functions.inc.php, line 2052), where the headers and the subject are processed before sending the email. The second email is sent directly via mail (includes/login.inc.php, line 254). Headers are processed in a different way, so the error will be included in the source code of the email.

Please back up the file forum/includes/login.inc.php and change the content as follows. The first line shown ($lang['new_pw_email_txt'] ...) is 242.

includes/login.inc.php (old):

      $lang['new_pw_email_txt'] = str_replace("[name]", $field['user_name'], $lang['new_pw_email_txt']);
      $lang['new_pw_email_txt'] = str_replace("[password]", $new_pw, $lang['new_pw_email_txt']);
      $lang['new_pw_email_txt'] = str_replace("[login_link]", $settings['forum_address'].basename($_SERVER['PHP_SELF'])."?mode=login&username=".urlencode($field['user_name'])."&userpw=".$new_pw, $lang['new_pw_email_txt']);
      $lang['new_pw_email_txt'] = $lang['new_pw_email_txt'];
 
      $header = "From: ".my_mb_encode_mimeheader($settings['forum_name'], CHARSET, "Q")." <".$settings['forum_email'].">". MAIL_HEADER_SEPARATOR;
      $header .= "Content-Type: text/plain; charset=" . CHARSET . MAIL_HEADER_SEPARATOR;
      $header .= "Content-transfer-encoding: 8bit". MAIL_HEADER_SEPARATOR;
 
      $new_pw_mailto = my_mb_encode_mimeheader($field['user_name'], CHARSET, "Q")." <".$field['user_email'].">";
      if($settings['mail_parameter']!='')
       {
        if (@mail($new_pw_mailto, my_mb_encode_mimeheader($lang['new_pw_email_sj'], CHARSET, "Q"), $lang['new_pw_email_txt'], $header,$settings['mail_parameter']))
         {
          header("location: index.php?mode=login&login_message=pw_sent");
          die("<a href=\"index.php?mode=login&login_message=pw_sent\">further...</a>");
         }
        else die($lang['mail_error']);
       }
      else
       {
        if (@mail($new_pw_mailto, my_mb_encode_mimeheader($lang['new_pw_email_sj'], CHARSET, "Q"), $lang['new_pw_email_txt'], $header))
         {
          header("location: index.php?mode=login&login_message=pw_sent");
          die("<a href=\"index.php?mode=login&login_message=pw_sent\">further...</a>");
         }
        else die($lang['mail_error']);
       }

includes/login.inc.php (new):

      $lang['new_pw_email_txt'] = str_replace("[name]", $field['user_name'], $lang['new_pw_email_txt']);
      $lang['new_pw_email_txt'] = str_replace("[password]", $new_pw, $lang['new_pw_email_txt']);
      $lang['new_pw_email_txt'] = str_replace("[login_link]", $settings['forum_address'].basename($_SERVER['PHP_SELF'])."?mode=login&username=".urlencode($field['user_name'])."&userpw=".$new_pw, $lang['new_pw_email_txt']);
      $lang['new_pw_email_txt'] = $lang['new_pw_email_txt'];
 
      $new_pw_mailto = my_mb_encode_mimeheader($field['user_name'], CHARSET, "Q")." <".$field['user_email'].">";
      if(my_mail($new_pw_mailto, $lang['new_pw_email_sj'], $lang['new_pw_email_txt']))
       {
        header("location: index.php?mode=login&login_message=pw_sent");
        die("<a href=\"index.php?mode=login&login_message=pw_sent\">further...</a>");
       }
      else die($lang['mail_error']);
     }

The check if($settings['mail_parameter']!=''), which encloses the whole mail sending code in the old version of the file, is present inside the function my_mail. So it is not needed at this location anymore.

Please try it and leave a message here.

Tschö, Auge
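
The three-step flow listed in the post (random code, stored hash, comparison, then a new password), sketched as an added example that is not part of the original post and not mlf code. The function names, the `reset_hash` field, the in-memory `$db` array and the use of `password_hash` are assumptions; SHA-1 appears only because the post names it.

```php
<?php
// Added illustration, not mlf code. $db stands in for the user table.

// Step 1: create the random code, store only its hash, return the code for the email link.
function issue_reset_code(array &$db, string $user): ?string
{
    if (!isset($db[$user])) {
        return null;                          // unknown user: nothing to send
    }
    $code = bin2hex(random_bytes(16));        // unpredictable value for the URL parameter "code"
    $db[$user]['reset_hash'] = sha1($code);   // the database never holds the code itself
    return $code;
}

// Step 2: compare the code from the link with the stored hash, then issue a new password.
function redeem_reset_code(array &$db, string $user, string $code): ?string
{
    $stored = $db[$user]['reset_hash'] ?? '';
    // hash_equals compares in constant time; an empty stored hash means no pending request.
    if ($stored === '' || !hash_equals($stored, sha1($code))) {
        return null;
    }
    $db[$user]['reset_hash'] = '';            // the link works once only
    $new_pw = bin2hex(random_bytes(6));       // password that goes into the second email
    $db[$user]['user_pw'] = password_hash($new_pw, PASSWORD_DEFAULT);
    return $new_pw;
}

// Constructed sample data: one user with no pending request.
$db = ['alice' => ['user_pw' => '', 'reset_hash' => '']];

$code = issue_reset_code($db, 'alice');

// A wrong code is rejected and leaves the pending request in place.
var_dump(redeem_reset_code($db, 'alice', 'not-the-code'));

// The right code yields the new password (step 3: log in with it).
$new_pw = redeem_reset_code($db, 'alice', $code);
var_dump(password_verify($new_pw, $db['alice']['user_pw']));

// Replaying the same link fails because the stored hash was cleared.
var_dump(redeem_reset_code($db, 'alice', $code));
```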

