Hello
CAN'T ANYONE HELP?
Yes, everyone (except Alex) can't help. (wrong negotiation?)
... but, that is not true.
I think I know the code wich cause the error. All facts are based on mlf 2.1.1.
The facts:
- generate a random string, a SHA1-hash based on the random string and push these data into the database and via email to the user
- get back a request from the link in the email, make a comparision of the hashed code from the database and the random string from the email (URL-parameter
code
), if the comparision is successfull send a second email with the now generated password (at this point the error occurs!)
- log in with the data from the second email
There is a difference between the ways, the two emails are sended. First one is sended via the function my_mail
(includes/functions.inc.php, line 2052) where the headers and the subject are processed before sending the email. The second email is sended direct via mail
(includes/login.inc.php, line 254). Headers are processed in a different way, so the error will be included in the source code of the email.
Please backup the file forum/includes/login.inc.php and change the content as follows. the first shown line ($lang['new_pw_email_txt']
...) is 242.
includes/login.inc.php (old):
$lang['new_pw_email_txt'] = str_replace("[name]", $field['user_name'], $lang['new_pw_email_txt']);
$lang['new_pw_email_txt'] = str_replace("[password]", $new_pw, $lang['new_pw_email_txt']);
$lang['new_pw_email_txt'] = str_replace("[login_link]", $settings['forum_address'].basename($_SERVER['PHP_SELF'])."?mode=login&username=".urlencode($field['user_name'])."&userpw=".$new_pw, $lang['new_pw_email_txt']);
$lang['new_pw_email_txt'] = $lang['new_pw_email_txt'];
$header = "From: ".my_mb_encode_mimeheader($settings['forum_name'], CHARSET, "Q")." <".$settings['forum_email'].">". MAIL_HEADER_SEPARATOR;
$header .= "Content-Type: text/plain; charset=" . CHARSET . MAIL_HEADER_SEPARATOR;
$header .= "Content-transfer-encoding: 8bit". MAIL_HEADER_SEPARATOR;
$new_pw_mailto = my_mb_encode_mimeheader($field['user_name'], CHARSET, "Q")." <".$field['user_email'].">";
if($settings['mail_parameter']!='')
{
if (@mail($new_pw_mailto, my_mb_encode_mimeheader($lang['new_pw_email_sj'], CHARSET, "Q"), $lang['new_pw_email_txt'], $header,$settings['mail_parameter']))
{
header("location: index.php?mode=login&login_message=pw_sent");
die("<a href=\"index.php?mode=login&login_message=pw_sent\">further...</a>");
}
else die($lang['mail_error']);
}
else
{
if (@mail($new_pw_mailto, my_mb_encode_mimeheader($lang['new_pw_email_sj'], CHARSET, "Q"), $lang['new_pw_email_txt'], $header))
{
header("location: index.php?mode=login&login_message=pw_sent");
die("<a href=\"index.php?mode=login&login_message=pw_sent\">further...</a>");
}
else die($lang['mail_error']);
}
includes/login.inc.php (new):
$lang['new_pw_email_txt'] = str_replace("[name]", $field['user_name'], $lang['new_pw_email_txt']);
$lang['new_pw_email_txt'] = str_replace("[password]", $new_pw, $lang['new_pw_email_txt']);
$lang['new_pw_email_txt'] = str_replace("[login_link]", $settings['forum_address'].basename($_SERVER['PHP_SELF'])."?mode=login&username=".urlencode($field['user_name'])."&userpw=".$new_pw, $lang['new_pw_email_txt']);
$lang['new_pw_email_txt'] = $lang['new_pw_email_txt'];
$new_pw_mailto = my_mb_encode_mimeheader($field['user_name'], CHARSET, "Q")." <".$field['user_email'].">";
if(my_mail($new_pw_mailto, $lang['new_pw_email_sj'], $lang['new_pw_email_txt']))
{
header("location: index.php?mode=login&login_message=pw_sent");
die("<a href=\"index.php?mode=login&login_message=pw_sent\">further...</a>");
}
else die($lang['mail_error']);
}
The check if($settings['mail_parameter']!='')
, wich is including the whole mail sending code in the old version of the file, is present inside the function my_mail. So it is not needed at this location anymore.
Please try it and leave a message here.
Tschö, Auge