close ad
 
Important WebAssist Announcement
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Cannot Login After Forgot Password Emails Random Password

Thread began 3/22/2011 5:19 pm by dlovas275157 | Last modified 8/05/2011 11:11 am by un33k9309513 | 3342 views | 10 replies |

dlovas275157

Cannot Login After Forgot Password Emails Random Password

I am having trouble being able to login after I have submitted the "forgot password form". I Have followed the SA Tutorial swf here exactly ( 07_send_password.swf ) and fully taken into consideration sha1 encryption.

Problem occurs when a the user tries to use the new random password (that is emailed to them) to login. It rejects everytime. Eventhough it is stored in the database as encrypted and the login page submits it encrypted.

I have verified that it is writing to the database in encrypted format, so I do not think this is the issue.

I have attached my code for the following pages since I am not sure on which page may be causing the issue:
1. login page
2. forgot password page
3. rejected page.

Help is much appreciated.

Thanks.

Using
Security Assist 1.1.9
Data Assist 2.0.7

Attached Files
forgotPass.php.zip
loginPage.zip
rejected.php.zip
Sign in to reply to this post

Jason ByrnesWebAssist

in the update record behavior, you are storing an encrypted random string, using the random password generator and encrypting it.

you should be storing the encrypted version of the SV_newPassword session variable.

in the update record behavior, bind the password column to the SV_newPassword session variable and set the formation to use encryption.

Sign in to reply to this post

dlovas275157

Jason,

Thank you ... that worked!

Sign in to reply to this post

Jason ByrnesWebAssist

you're welcome.

Sign in to reply to this post

un33k9309513

Hi,

I have the same problem, where it sends the SHA1 password to the email and puts the SHA1 in the password field in the db.


I've been up reading posts and redoing this several times, but still sends the SHA1 to both email address and db, and the user can't log, he should be getting only 7 char. in his email.

thanks for your help
Ed

Sign in to reply to this post

Jason ByrnesWebAssist

In the forgot password server behavior, on the last step, you can you define the email message that is sent.

remove the [password] token, then click the plus button and select the NewPW session variable.

Sign in to reply to this post

un33k9309513

Hi,

I did that and as soon as I clicked Finished, it put a red exclamation next to update record server behavior. So then I tested my file online and put my email in the forgot email section and the browser returned this message and there was no email sent:

Incorrect table name ''


Should I just install SA2 ? If I do I'm worried it may ruin my already made pages with SA. I have a registration page with multiple insert record behaviors. Can I install SA2 and just do the above stuff I'm trying to do? Can I also use crypt even though I have SHA1 using the old SA? I just don't want to create a massive problem. If I know installing the new SA2 won't conflict much with my old SA1 files I really want to upgrade, any suggestions Jason?

Thanks,
Ed

Sign in to reply to this post

Jason ByrnesWebAssist

those 2 code snippets are identical.

please send a copy of the page i n zip archive rather than pasting the code.

Sign in to reply to this post

un33k9309513

This post has been deleted.

Jason ByrnesWebAssist

I have created a support ticket so we can look into this issue further.

To view and edit your support ticket, please log into your support history:
supporthistory.php

If anyone else is experiencing this same issue, please append to this thread.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...