close ad
Help us test the new Databridge BETA with MySQLi support
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

No Day Without Errors

Thread began 11/25/2012 8:52 am by Cologne | Last modified 1/07/2013 12:04 pm by Jason Byrnes | 1896 views | 11 replies |

Cologne

No Day Without Errors

Hi,

sorry, but, there is no day, I aint got any error in your extensions.

Cheers,
Denis

Sign in to reply to this post

Jason ByrnesWebAssist

here are updated copies of the 2 files from the shared/webassist/securityassist/xml folder that should correct the problem. If you need help finding the configuration folder, see the common installation issues page:
common_installation_issues.php

Make sure to also delete the .dat file after replacing the 2 attached files.

Attached Files
xml.zip
Sign in to reply to this post

Cologne

Hi Jason,

great the error is gone :-)

but I think I got a little understanding problem with the return email password :-)

this does not wort cause of the $_GET['fp_id'] in the update. but how to fix that?

<?php 
if (isset($_POST["buttonResetPasswort"]) || isset($_POST["buttonResetPasswort_x"])) {
$WAFV_Redirect = "";
$_SESSION['WAVT_newPasswordstep4_703_Errors'] = "";
if ($WAFV_Redirect == "") {
$WAFV_Redirect = $_SERVER["PHP_SELF"];
}
$WAFV_Errors = "";
$WAFV_Errors .= WAValidateRX(((isset($_POST["title"]))?$_POST["title"]:"") . "","/^$/i",false,1);
$WAFV_Errors .= WAValidateAN(((isset($_POST["newPassword"]))?$_POST["newPassword"]:"") . "",true,true,true,false,"@ßüöäÜÖÄ#-_$%&()=?:;*",true,2);
$WAFV_Errors .= WAValidateEL(((isset($_POST["newPassword"]))?$_POST["newPassword"]:"") . "",6,32,true,3);
$WAFV_Errors .= WAValidateLE(((isset($_POST["confirmNewPassword"]))?$_POST["confirmNewPassword"]:"") . "",((isset($_POST["newPassword"]))?$_POST["newPassword"]:"") . "",true,4);
$WAFV_Errors .= WAValidateRX(((isset($_POST["confirm"]))?$_POST["confirm"]:"") . "","/^$/i",false,5);

if ($WAFV_Errors != "") {
PostResult($WAFV_Redirect,$WAFV_Errors,"newPasswordstep4_703");
}
}
?>
<?php
function WA_SecurityAssist_Email_1_EncryptionReturn($tParams){ //Encrypted Return
global $WA_Auth_Parameter;
$WA_Auth_Parameter = $tParams;
}// WA_SecurityAssist_Email_1_EncryptionReturn
?>
<?php
if(isset($_GET["fp_data"]) && isset($_GET["fp_id"]) && isset($_GET["fp_email"])){
//WA SecurityAssist Encrypted Email Return
$WA_Auth_Parameter = array(
"encryptedreturn" => true,
"connection" => $unserWeihnachtsfenster,
"database" => $database_unserWeihnachtsfenster,
"tableName" => "members",
"keyColumn" => "id",
"columnType" => "int",
"usernameColumn" => "username",
"usernameEncryption" => "",
"passwordColumn" => "password",
"passwordEncryption" => "md5",
"failRedirect" => "newPassword_step_3.php",
"toAddressColumn" => "username",
"toAddressEncryption" => "",
"returnFunction" => "WA_SecurityAssist_Email_1_EncryptionReturn"
);

WA_Auth_ForgotEncryptedPasswordReturn($WA_Auth_Parameter);
}
?>
<?php
// WA DataAssist Update
if (isset($_POST["buttonResetPasswort"]) || isset($_POST["buttonResetPasswort_x"])) // Trigger
{
$WA_connection = $unserWeihnachtsfenster;
$WA_table = "members";
$WA_redirectURL = "newPassword_step_5.php";
if (function_exists("rel2abs")) $WA_redirectURL = $WA_redirectURL?rel2abs($WA_redirectURL,dirname(__FILE__)):"";
$WA_keepQueryString = false;
$WA_indexField = "id";
$WA_fieldNamesStr = "password|ip|host|timestamp";
$WA_fieldValuesStr = "".WA_MD5Encryption(((isset($_POST["newPassword"]))?$_POST["newPassword"]:"")) ."" . $WA_AB_Split . "".((isset($_SERVER["REMOTE_ADDR"]))?$_SERVER["REMOTE_ADDR"]:"") ."" . $WA_AB_Split . "".gethostbyaddr(((isset($_SERVER["REMOTE_ADDR"]))?$_SERVER["REMOTE_ADDR"]:"")) ."" . $WA_AB_Split . "".date('Y-m-d H:i:s') ."";
$WA_columnTypesStr = "',none,''|',none,''|',none,''|',none,NULL";
$WA_comparisonStr = "=|=|=|=";
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_fieldValues = explode($WA_AB_Split, $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);

$WA_where_fieldValuesStr = "".((isset($_GET["fp_id"]))?$_GET["fp_id"]:"") ."";
$WA_where_columnTypesStr = "none,none,NULL";
$WA_where_comparisonStr = "=";
$WA_where_fieldNames = explode("|", $WA_indexField);
$WA_where_fieldValues = explode($WA_AB_Split, $WA_where_fieldValuesStr);
$WA_where_columns = explode("|", $WA_where_columnTypesStr);
$WA_where_comparisons = explode("|", $WA_where_comparisonStr);

$WA_connectionDB = $database_unserWeihnachtsfenster;
mysql_select_db($WA_connectionDB, $WA_connection);
@session_start();
$updateParamsObj = WA_AB_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WhereObj = WA_AB_generateWhereClause($WA_where_fieldNames, $WA_where_columns, $WA_where_fieldValues, $WA_where_comparisons );
$WA_Sql = "UPDATE `" . $WA_table . "` SET " . $updateParamsObj->WA_setValues . " WHERE " . $WhereObj->sqlWhereClause . "";
$MM_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
if ($WA_redirectURL != "") {
if ($WA_keepQueryString && $WA_redirectURL != "" && isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== "" && sizeof($_POST) > 0) {
$WA_redirectURL .= ((strpos($WA_redirectURL, '?') === false)?"?":"&").$_SERVER["QUERY_STRING"];
}
header("Location: ".$WA_redirectURL);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Unser Weihnachtsfenster</title>
</head>

<body>
<?php
if (ValidatedField('newPasswordstep4_703','newPasswordstep4_703')) {
if ((strpos((",".ValidatedField("newPasswordstep4_703","newPasswordstep4_703").","), "," . "2" . ",") !== false || "2" == "") || (strpos((",".ValidatedField("newPasswordstep4_703","newPasswordstep4_703").","), "," . "3" . ",") !== false || "3" == "")) {
if (!(false)) {
?>
<p>Bitte ein anderes Passwort wählen (6-32 Zeichen).</p>
<?php //WAFV_Conditional newPassword_step_4.php newPasswordstep4_703(2,3:)
}
}
}?>
<?php
if (ValidatedField('newPasswordstep4_703','newPasswordstep4_703')) {
if ((strpos((",".ValidatedField("newPasswordstep4_703","newPasswordstep4_703").","), "," . "4" . ",") !== false || "4" == "")) {
if (!((strpos((",".ValidatedField("newPasswordstep4_703","newPasswordstep4_703").","), "," . "2" . ",") !== false || "2" == "") || (strpos((",".ValidatedField("newPasswordstep4_703","newPasswordstep4_703").","), "," . "3" . ",") !== false || "3" == ""))) {
?>
<p>Passwörter stimmen nicht überein.</p>
<?php //WAFV_Conditional newPassword_step_4.php newPasswordstep4_703(4:2,3)
}
}
}?>
<form id="formResetPassword" name="formResetPassword" method="post" action="<?php echo (htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES)); ?>"><input type="hidden" name="title" id="title" style="display: none;" /><ul><li>
<label for="newPassword">Neues Passwort:</label>
<input type="text" name="newPassword" id="newPassword" />
</li>
<li>
<label for="confirmNewPassword">Neues Passwort bestätigen:</label>
<input type="text" name="confirmNewPassword" id="confirmNewPassword" />
</li>
<li>
<input type="submit" name="buttonResetPasswort" id="buttonResetPasswort" value="Passwort zurücksetzen" />
</li>
</ul><input type="hidden" name="confirm" id="confirm" style="display: none;" />
</form>
Sign in to reply to this post

Jason ByrnesWebAssist

the fp_id URL variable is a part of the link that is sent in the email.

The forgot password email will contain a link that return back to the forgot password page, the fp_id URL variable will be part of that link

Sign in to reply to this post

Cologne

Hi Jason,

I know, I tried to use "fp_id" in the UPDATE Behavior, but this does not work.
How is this done in the wizzard. I cant use the wizzard here.

:-(

Cheers,
Denis

Sign in to reply to this post

Jason ByrnesWebAssist

use the following code for the action of the reset password form to ensure that the fp_id URL: variable is resent when the update form posts:



php:
 action="<?php echo (htmlentities($_SERVER["PHP_SELF"], ENT_QUOTES)); ?>?<?php echo preg_replace("/^&/"""preg_replace("/&?invalid=true/"""$_SERVER["QUERY_STRING"])); ?>"
Sign in to reply to this post

Cologne

Hey Jason,

this works, thanks.
But I think in the XML is an error.

Redirect. MATCH and DIFFRENCE changed :-)

Cheers,
Denis

Sign in to reply to this post

Jason ByrnesWebAssist

I dont follow, please provide more details

Sign in to reply to this post

Cologne

ok.

Redirect in the Wizzard.

matches.
go to step_2

failed.
go to step_3

return.
goto step_4

when I enter my email, it gets me to failed, step_3 but I get an email with the link :-)

this is what changed :-)

Cheers,
Denis

Sign in to reply to this post

Jason ByrnesWebAssist

ok, that makes more sense. It's always helpful to provide as much details as possible when reporting a problem.


in the security_assist/helper_php.php file, find the following code:

php:
if (isset($_SESSION["WA_MailObject_Status"]) && $_SESSION["WA_MailObject_Status"] == "Success") {



and change it to:

php:
if (isset($GLOBALS["WA_MailObject_Status"]) && $GLOBALS["WA_MailObject_Status"] == "Success") {




it may occur more than once, you will need to change all instances.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...