Thank you Jason and SOJO for replying.
I didn't check that the email was sending before adding encryption and the 'change password' form. Upon recreating the forms, I found the problem and emailPW would send.
Now, I have a new small problem with the encrypted 'emailPW' and 'change password' forms.
1)From Profile page, there's a link to Change Password page.
2)The new password is accepted.
3)I logout
4)Log in with new password and get redirected to EmailPW.
5)Enter my email address and send.
6)Receive the new password.
7)Unable to log in using new password (some 40 chars?)
EmailPW form has the same issue as above from Log In page. All my forms have a 40 char password field - same as DB.
Another small issue -
The Registration form is allowing me to register duplicate users. For a duplicate user, I don't receive an email password by either 'change password' and EmailPW forms.
I'm using the email address as the username. I can login, change profile, logout. Then login using wrong - get redirected to EMailPW, get email with new pass - new pass doesn't work.
Here's some code. Sorry for the length. Thanks in advance - Kathi
<?php require_once("../WA_SecurityAssist/WA_SHA1Encryption.php"); ?>
<?php
require_once("../WA_SecurityAssist/WA_RandomPassword.php");
?>
<?php require_once('../Connections/members.php');?>
<?php require_once('../Connections/members.php');?>
<?php require_once("../WA_DataAssist/WA_AppBuilder_PHP.php"); ?>
<?php require_once( "../WA_SecurityAssist/Helper_PHP.php" );
?>
<?php
if (!session_id()) session_start();
if(isset($_POST["Send_x"])) {
$_SESSION["NewPW"] = "".WA_RandomPassword(9, true, true, true, "") ."";
}?>
<?php
// WA Application Builder Update
if (isset($_POST["Send_x"])) // Trigger
{
$WA_connection = $members;
$WA_table = "visitors";
$WA_redirectURL = "";
$WA_keepQueryString = false;
$WA_indexField = "VisitorEmail";
$WA_fieldNamesStr = "VisitorPassword";
$WA_fieldValuesStr = "".WA_SHA1Encryption($_SESSION['NewPW']) ."";
$WA_columnTypesStr = "',none,''";
$WA_comparisonStr = "=";
$WA_fieldNames = explode("|", $WA_fieldNamesStr);
$WA_fieldValues = explode("|", $WA_fieldValuesStr);
$WA_columns = explode("|", $WA_columnTypesStr);
$WA_where_fieldValuesStr = "".((isset($_POST["emailAddress"]))?$_POST["emailAddress"]:"") ."";
$WA_where_columnTypesStr = "',none,''";
$WA_where_comparisonStr = "=";
$WA_where_fieldNames = explode("|", $WA_indexField);
$WA_where_fieldValues = explode("|", $WA_where_fieldValuesStr);
$WA_where_columns = explode("|", $WA_where_columnTypesStr);
$WA_where_comparisons = explode("|", $WA_where_comparisonStr);
$WA_connectionDB = $database_members;
mysql_select_db($WA_connectionDB, $WA_connection);
if (!session_id()) session_start();
$updateParamsObj = WA_AB_generateInsertParams($WA_fieldNames, $WA_columns, $WA_fieldValues, -1);
$WhereObj = WA_AB_generateWhereClause($WA_where_fieldNames, $WA_where_columns, $WA_where_fieldValues, $WA_where_comparisons );
$WA_Sql = "UPDATE `" . $WA_table . "` SET " . $updateParamsObj->WA_setValues . " WHERE " . $WhereObj->sqlWhereClause . "";
$MM_editCmd = mysql_query($WA_Sql, $WA_connection) or die(mysql_error());
if ($WA_redirectURL != "") {
if ($WA_keepQueryString && $WA_redirectURL != "" && isset($_SERVER["QUERY_STRING"]) && $_SERVER["QUERY_STRING"] !== "" && sizeof($_POST) > 0) {
$WA_redirectURL .= ((strpos($WA_redirectURL, '?') === false)?"?":"&").$_SERVER["QUERY_STRING"];
}
header("Location: ".$WA_redirectURL);
}
}
?>
<?php
function WA_SecurityAssist_Email_1_SendMail($WA_Auth_Parameter){
$WA_MailObject = WA_SecurityAssist_Definition("smtp.verdevalley4wheelers.com","25","admin@verdevalley4wheelers.com","","","");
$WA_MailObject = WA_SecurityAssist_SendMail($WA_MailObject,"","","",$WA_Auth_Parameter["toAddress"],"",$WA_Auth_Parameter["fromAddress"],$WA_Auth_Parameter["subject"],$WA_Auth_Parameter["mailBody"]);
$WA_MailObject = null;
}// WA_SecurityAssist_Email_1_SendMail
function WA_SecurityAssist_Email_2_SendMail($WA_Auth_Parameter){
$WA_MailObject = WA_SecurityAssist_Definition("smtp.verdevalley4wheelers.com","25","admin@verdevalley4wheelers.com","","","");
$WA_MailObject = WA_SecurityAssist_SendMail($WA_MailObject,"","","",$WA_Auth_Parameter["toAddress"],"",$WA_Auth_Parameter["fromAddress"],$WA_Auth_Parameter["subject"],$WA_Auth_Parameter["mailBody"]);
$WA_MailObject = null;
}// WA_SecurityAssist_Email_2_SendMail
?>
<?php
if(isset($_POST["Send_x"])){
//WA SecurityAssist Email object="Mail for Linux"
$WA_Auth_Parameter = array(
"connection" => $members,
"database" => $database_members,
"tableName" => "visitors",
"filterColumn" => "VisitorEmail",
"columnValue" => "".((isset($_POST["emailAddress"]))?$_POST["emailAddress"]:"") ."",
"columnType" => "text",
"usernameColumn" => "VisitorEmail",
"passwordColumn" => "VisitorPassword",
"selectColumns" => array(""),
"sessionVariables" => array(""),
"successRedirect" => "visitors_LogIn.php",
"failRedirect" => "visitors_EmailPW.php",
"keepQueryString" => TRUE,
"toAddressColumn" => "VisitorEmail",
"fromAddress" => "admin@verdevalley4wheelers.com",
"fromAddressDisplay" => "Administrator",
"subject" => "Your New Password",
"mailBody" => "User name: [VisitorEmail]\nPassword: [VisitorPassword]",
"emailFunction" => "WA_SecurityAssist_Email_1_SendMail"
);
WA_Auth_ForgotPassword($WA_Auth_Parameter);
}
if(isset($_POST["Send_x"])){
//WA SecurityAssist Email object="Mail for Linux"
$WA_Auth_Parameter = array(
"connection" => $members,
"database" => $database_members,
"tableName" => "visitors",
"filterColumn" => "VisitorEmail",
"columnValue" => "".((isset($_POST["emailAddress"]))?$_POST["emailAddress"]:"") ."",
"columnType" => "text",
"usernameColumn" => "VisitorEmail",
"passwordColumn" => "VisitorPassword",
"selectColumns" => array(""),
"sessionVariables" => array(""),
"successRedirect" => "visitors_LogIn.php",
"failRedirect" => "visitors_EmailPW.php",
"keepQueryString" => TRUE,
"toAddressColumn" => "VisitorEmail",
"fromAddress" => "admin@verdevalley4wheelers.com",
"fromAddressDisplay" => "Administrator",
"subject" => "Your New Password",
"mailBody" => "User name: [VisitorEmail]\nPassword: [VisitorPassword]",
"emailFunction" => "WA_SecurityAssist_Email_2_SendMail"
);
WA_Auth_ForgotPassword($WA_Auth_Parameter);
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
_______________TEMPLATE_______________________________________
<div id="ForgotPWContainer" class="WAATK">
<form action="visitors_EmailPW.php" method="post" name="WAATKForgotPWForm" id="WAATKForgotPWForm">
<h1>Forgot Password</h1>
<table class="WAATKDataTable" cellpadding="0" cellspacing="0" border="0">
<tr>
<th>Email:</th>
<td><input type="text" name="emailAddress" /></td>
</tr>
</table>
<div class="WAATKButtonRow">
<input type="image" hspace="0" vspace="0" border="0" name="Send" id="Send" value="Send" alt="Send" src="../WA_SecurityAssist/images/Desert Spice/Modular_send.gif" />
</div>
</form>
</div>