Mysidia Adoptables Support Forum
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Mysidia Adoptables Support Forum (http://www.mysidiaadoptables.com/forum/index.php)
-   Questions and Supports (http://www.mysidiaadoptables.com/forum/forumdisplay.php?f=18)
-   -   ACP Password Change Bug (http://www.mysidiaadoptables.com/forum/showthread.php?t=4960)

Hwona 12-29-2015 01:39 AM
ACP Password Change Bug
 
Hello! I might be the only one, but has anyone else noticed that if you try and change a user's password via the acp, the user later can't log in with the new or the old password? I'm experimenting with v.1.3.3, but when I checked the v.1.3.4 list of fixed bugs, this wasn't mentioned. Does anyone else have this issue or know how to fix it?

PHP Code:
<?php

class ACPUserController extends AppController{

    const PARAM "uid";
    private $view;
    private $subController;
    
    public function __construct(){
        parent::__construct();
        $mysidia Registry::get("mysidia");
        if($mysidia->usergroup->getpermission("canmanageusers") != "yes"){
            throw new NoPermissionException("You do not have permission to manage users.");
        }    
    }
    
    public function index(){
        parent::index();
        $mysidia Registry::get("mysidia");
        $document $mysidia->frame->getDocument();        
        $stmt $mysidia->db->select("users", array());        
        $fields = array("uid""username""email""ip""usergroup""uid::edit""uid::delete");
        
        $userTable = new TableBuilder("user");
        $userTable->setAlign(new Align("center""middle"));
        $userTable->buildHeaders("uid""Username""Email""IP""Usergroup""Edit""Delete");
        $userTable->setHelper(new UserTableHelper);
        $userTable->setMethod($fields[1], "getProfileLink");
        $userTable->setMethod($fields[5], "getEditLink");
        $userTable->setMethod($fields[6], "getDeleteLink");
        $userTable->buildTable($stmt$fields);
        $document->add($userTable);    
    }
    
    public function add(){
        throw new InvalidActionException($mysidia->lang->global_action);
    }
    
    public function edit(){
        $mysidia Registry::get("mysidia");
        $document $mysidia->frame->getDocument();
        if(!$mysidia->input->get("uid")){
            $this->index();
            return;
        }
        $user = new Member($mysidia->input->get("uid"));        
        
        if($mysidia->input->post("submit")){
            // A form has been submitted, we will be processing the request.
            if($mysidia->input->post("pass1")){
                $newsalt codegen(150); 
                $password passencr($username$pass1$newsalt);
                $mysidia->db->update("users", array("password" => $password), "uid='{$mysidia->input->get("uid")}'");
                if($mysidia->input->post("emailpwchange") == "yes"){
                    //SEND THE PASSWORD CHANGE EMAIL...    
                    $systememail $mysidia->settings->systememail;
                    $headers "From: {$systememail}";
                    $message "Hello {$user->username};\n\nYour password at {$mysidia->settings->sitename} has been changed by the site admin. Your new account details are as follows:\n
                                Username: {$user->username}\nPassword: {$mysidia->input->post("pass1")}\n
                                You can log in to your account at: {$mysidia->path->getAbsolute()}login\n
                                Thank You. The {$mysidia->settings->sitename} team.";
                    mail($mysidia->input->post("email"), "{$mysidia->settings->sitename} - Your password has been changed"$message$headers);                    
                }
            }
                
            $mysidia->db->update("users", array("email" => $mysidia->input->post("email")), "uid='{$mysidia->input->get("uid")}'");
            if(is_numeric($mysidia->input->post("level"))) $mysidia->db->update("users", array("usergroup" => $mysidia->input->post("level")), "uid='{$mysidia->input->get("uid")}'");
            
            //Carry out user banning options
            if($mysidia->input->post("canlevel") == "no"$mysidia->db->update("users_status", array("canlevel" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canvm") == "no"$mysidia->db->update("users_status", array("canvm" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canfriend") == "no"$mysidia->db->update("users_status", array("canfriend" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("cantrade") == "no"$mysidia->db->update("users_status", array("cantrade" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canbreed") == "no"$mysidia->db->update("users_status", array("canbreed" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canpound") == "no"$mysidia->db->update("users_status", array("canpound" => 'no'), "uid='{$mysidia->input->get("uid")}'");  
            if($mysidia->input->post("canshop") == "no"$mysidia->db->update("users_status", array("canshop" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("unban") == "yes"unbanuser($user->username);
          
            $document->setTitle($mysidia->lang->edited_title);
            $document->addLangvar($mysidia->lang->edited);
        }
        else{
            // Show default form action
            $userForm = new FormBuilder("editform"$mysidia->input->get("uid"), "post");
            $userForm->add(new Comment("<br><br>"));
            $userForm->add(new Image("templates/icons/delete.gif"));
            $userForm->buildCheckBox(" Delete This User. <strong>This cannot be undone!</strong>""delete""yes")
                     ->buildComment("Assign New Password: "FALSE)->buildPasswordField("password""pass1"""TRUE)
                     ->buildComment("Passwords may contain letters and numbers only. Leave the box blank to keep the current password.")
                     ->buildCheckBox(" Email the user the new password (Only takes effect if setting a new password) ""emailpwchange""yes")
                     ->buildComment("Change Email Address: "FALSE)->buildTextField("email"$user->getemail())
                     ->buildCheckBox(" Ban this user's rights to click adoptables""canlevel""no")
                     ->buildCheckBox(" Ban this user's rights to post profile comments""canvm""no")
                     ->buildCheckBox(" Ban this user's rights to make trade offers""cantrade""no")
                     ->buildCheckBox(" Ban this user's rights to send friend requests""canfriend""no")
                     ->buildCheckBox(" Ban this user's rights to breed adoptables""canbreed""no")
                     ->buildCheckBox(" Ban this user's rights to abandon adoptables""canpound""no")
                     ->buildCheckBox(" Ban this user's rights to visit Shops""canshop""no");
                     
            $userForm->add(new Comment("<u>{$user->username}'s Current Usergroup:</u> Group {$user->usergroup}"));    
            $userForm->add(new Comment("Change {$user->username}'s Usergroup To:"FALSE));
            $userForm->buildDropdownList("level""UsergroupList"$user->usergroup->gid)                    
                     ->buildButton("Edit User""submit""submit");
            $document->add($userForm);
        }
    }
    
    public function delete(){
         $mysidia Registry::get("mysidia");
        $document $mysidia->frame->getDocument();
        if(!$mysidia->input->get("uid")){
            $this->index();
            return;
        }

        $user = new Member($mysidia->input->get("uid"));
        deleteuser($user->username);
        $document->setTitle($mysidia->lang->delete_title);
        $document->addLangvar($mysidia->lang->delete);
        header("Refresh:3; URL='../../index'");
    }
    
    public function merge(){
        $mysidia Registry::get("mysidia");
        throw new InvalidActionException($mysidia->lang->global_action);
    }
    
    public function search(){
        $mysidia Registry::get("mysidia");
        throw new InvalidActionException($mysidia->lang->global_action);
    }
}

?>

NobodysHero 04-02-2016 10:48 AM
Password Reset/Password Change Glitch
 
I also have this issue and my users aren't getting their password resets when they try to reset it. No email, nothing. I've tested this myself, so I know it's indeed a problem. It's always been an issue, just kept forgetting to look for a fix and normally just have them re-register, then I change their username or change the user name in the db, have them re-register, then change the db ID number. T_T Very involved and frustrating.

As I continued reading, I saw the issue with Yahoo, but I'm using mystfell@gmail.com as my admin email and tested it using another gmail to receive the reset.

pachoofoosh 04-02-2016 11:36 AM
Just looked through that script... it seems to update the password hash in the database but not the salt. Try changing line 39, which looks like:
PHP Code:
$mysidia->db->update("users", array("password" => $password), "uid='{$mysidia->input->get("uid")}'"); 
To this:
PHP Code:
$mysidia->db->update("users", array("password" => $password"salt" => $newsalt), "uid='{$mysidia->input->get("uid")}'"); 
edit: omg didn't realize op posted this a few months ago ok whoops

@NobodysHero I'm not sure about the email thing, though. ;o; Last time I ran Mysidia the password resets were working fine... Does your host have the mail() function enabled? Some hosting providers disable that function.

NobodysHero 04-02-2016 12:37 PM
Just tried that, Pachoo, doesn't seem to work. T_T

Here's mine, in case maybe I did something wrong?


PHP Code:
<?php

class ACPUserController extends AppController{

    const PARAM "uid";
    
    public function __construct(){
        parent::__construct();
        $mysidia Registry::get("mysidia");
        if($mysidia->usergroup->getpermission("canmanageusers") != "yes"){
            throw new NoPermissionException("You do not have permission to manage users.");
        }    
    }
    
    public function index(){
        parent::index();
        $mysidia Registry::get("mysidia");    
        $stmt $mysidia->db->select("users");        
        $this->setField("stmt", new DatabaseStatement($stmt));
    }
    
    public function add(){
        throw new InvalidActionException("global_action");
    }
    
    public function edit(){
        $mysidia Registry::get("mysidia");
        if(!$mysidia->input->get("uid")){
            $this->index();
            return;
        }
        $user = new Member($mysidia->input->get("uid"));        
        
        if($mysidia->input->post("submit")){
            // A form has been submitted, we will be processing the request.
            if($mysidia->input->post("pass1")){
                $newsalt codegen(150); 
                $password passencr($username$pass1$newsalt);
                $mysidia->db->update("users", array("password" => $password"salt" => $newsalt), "uid='{$mysidia->input->get("uid")}'");  
                if($mysidia->input->post("emailpwchange") == "yes"){
                    //SEND THE PASSWORD CHANGE EMAIL...    
                    $systememail $mysidia->settings->systememail;
                    $headers "From: {$systememail}";
                    $message "Hello {$user->username};\n\nYour password at {$mysidia->settings->sitename} has been changed by the site admin. Your new account details are as follows:\n
                                Username: {$user->username}\nPassword: {$mysidia->input->post("pass1")}\n
                                You can log in to your account at: {$mysidia->path->getAbsolute()}login\n
                                Thank You. The {$mysidia->settings->sitename} team.";
                    mail($mysidia->input->post("email"), "{$mysidia->settings->sitename} - Your password has been changed"$message$headers);                    
                }
            }
                
            $mysidia->db->update("users", array("email" => $mysidia->input->post("email")), "uid='{$mysidia->input->get("uid")}'");
            if(is_numeric($mysidia->input->post("level"))) $mysidia->db->update("users", array("usergroup" => $mysidia->input->post("level")), "uid='{$mysidia->input->get("uid")}'");
            
            //Carry out user banning options
            if($mysidia->input->post("canlevel") == "no"$mysidia->db->update("users_status", array("canlevel" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canvm") == "no"$mysidia->db->update("users_status", array("canvm" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canfriend") == "no"$mysidia->db->update("users_status", array("canfriend" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("cantrade") == "no"$mysidia->db->update("users_status", array("cantrade" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canbreed") == "no"$mysidia->db->update("users_status", array("canbreed" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("canpound") == "no"$mysidia->db->update("users_status", array("canpound" => 'no'), "uid='{$mysidia->input->get("uid")}'");  
            if($mysidia->input->post("canshop") == "no"$mysidia->db->update("users_status", array("canshop" => 'no'), "uid='{$mysidia->input->get("uid")}'");
            if($mysidia->input->post("unban") == "yes"unbanuser($user->username);
        }
    }
    
    public function delete(){
         $mysidia Registry::get("mysidia");
        if(!$mysidia->input->get("uid")){
            $this->index();
            return;
        }

        $user = new Member($mysidia->input->get("uid"));
        deleteuser($user->username);
    }
    
    public function merge(){
        throw new InvalidActionException("global_action");
    }
    
    public function search(){
        throw new InvalidActionException("global_action");
    }
}
?>

pachoofoosh 04-02-2016 01:35 PM
Everything looks fine in the file. :'o If your site's users are not getting emails, it could be possible that your host has PHP's mail() function disabled. Try submitting a support ticket to your host to find out if PHP's mail() function is enabled?

Hall of Famer 04-02-2016 02:32 PM
Ditto to what Pachoofoosh said, some webhosts have disabled php's mail function for shared hosting accounts. On MysidiaHost we dont have this problem, but I cant speak for other webhosts.

NobodysHero 04-02-2016 08:41 PM
OH! YES RIGHT! I also forgot to mention, replaced that line that was suggested by Pachoo, but it's still not changing the password successfully. x.x I tried to log in using the password I made and it didn't let me in. T_T If either of you are willing to give it a good poke around, I'd appreciate it.

PS:And I did send in a ticket, just waiting for a response from the host.

pachoofoosh 04-03-2016 09:31 AM
Hmm.... Try pasting this on line 2, under the <?php line:
PHP Code:
include('../functions/functions.php'); 

NobodysHero 04-03-2016 10:39 AM
That gives me:

Quote:
The mystfell.com page isn’t working

mystfell.com is currently unable to handle this request.
500
Just for that page. Taking it out returned access to the page. x.x

pachoofoosh 04-03-2016 10:50 AM
Dang, sorry, i'm not quote sure what's going on with the code then. :c Maybe HoF can help? Seems to be there might be some hidden bug in the page's password updating code.


All times are GMT -5. The time now is 06:46 PM.
Page 1 of 2 1 2
Show 40 post(s) from this thread on one page

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.