[Vtigercrm-developers] Does the "Forgot Password" function of Customer Portal actually work?

Manuel Fernando ptdesigner at gmail.com
Sun Oct 9 13:25:53 GMT 2016


Just to fix a small mistake


1º Keep remember that you should delete condition /* 'email', 'is not empty’*/ from workflow added in 6.5.0. to 6.6.0 to send email at first creation of contact

2º Still to do - Update inactive in database vtiger_portalinfo when access to portal is disabled (so you can add in the next function to do not send reset password if isactive is ‘0’) because currently, isactive from vtiger_portalinfo is always ‘1'

3º add reset password in the next function like this

function send_mail_for_password($mailid)
{
	…………...

	$sql = "select * from vtiger_portalinfo  where user_name = ? ";
	$res = $adb->pquery($sql, array($mailid));
	$user_name = $adb->query_result($res,0,'user_name');
	- // $password = $adb->query_result($res,0,'user_password');
	+ $password = makeRandomPassword();
	+ $enc_password = Vtiger_Functions::generateEncryptedPassword($password);
	$isactive = $adb->query_result($res,0,'isactive');
	
	// We no longer have the original password!
	if (!empty($adb->query_result($res, 0, 'cryptmode'))) {
		- //$password = '*****';
		+ $sql = "UPDATE vtiger_portalinfo SET user_password=? WHERE user_name=?";
		+ $params = array($enc_password, $user_name);
		+ $adb->pquery($sql, $params);
		+ $password = $password;
		// TODO - we need to send link to reset the password
		// For now CRM user can do the same.
	}


Best Regards.

Manuel





> No dia 08/10/2016, às 15:55, Manuel Fernando <ptdesigner at gmail.com> escreveu:
> 
> Hello Alan
> 
> Do you think this would be ok for send a reset password for now?
> 
> I know that is preferable to send a reset link, but as a quick solution (worst case, people can reset passwords only by putting client email)
> 
> 
> 	$sql = "select * from vtiger_portalinfo  where user_name = ? ";
> 	$res = $adb->pquery($sql, array($mailid));
> 	$user_name = $adb->query_result($res,0,'user_name');
> 	// $password = $adb->query_result($res,0,'user_password');
> 	$password = makeRandomPassword();
> 	$enc_password = Vtiger_Functions::generateEncryptedPassword($password);
> 	$isactive = $adb->query_result($res,0,'isactive');
> 	
> 	// We no longer have the original password!
> 	if (!empty($adb->query_result($res, 0, 'cryptmode'))) {
> 		// $password = '*****';
> 		$sql = "UPDATE vtiger_portalinfo SET user_password=?";
> 		$params = array($enc_password);
> 		$adb->pquery($sql, $params);
> 		$password = $password;
> 		// TODO - we need to send link to reset the password
> 		// For now CRM user can do the same.
> 	}
> 
> 
>> No dia 29/09/2016, às 11:19, Alan Lord <alanslists at gmail.com <mailto:alanslists at gmail.com>> escreveu:
>> 
>> I am testing a migrating for a client from 6.4.0 to 6.5.0 and as they are a heavy Portal user I wanted to make sure that the change to the encrypted passwords works properly.
>> 
>> Everything I have tested with a migrated 6.5.0 and the portal seems to work OK except when I choose the "Forgot Password" option on the portal...
>> 
>> The call gets to vtiger OK but no email is ever sent to the user:
>> 
>> 
>>> Thu Sep 29 09:56:23 2016,893 [6578] INFO VT - PearDatabase ->ADODB disconnect
>>> Thu Sep 29 09:56:23 2016,958 [6578] DEBUG VT - Entering customer portal function getPortalUserid
>>> Thu Sep 29 09:56:23 2016,958 [6578] DEBUG VT - Prepared sql query being executed : SELECT prefvalue FROM vtiger_customerportal_prefs WHERE prefkey = 'userid' AND tabid = 0
>>> Thu Sep 29 09:56:23 2016,959 [6578] DEBUG user - Entering Users() method ...
>>> Thu Sep 29 09:56:23 2016,959 [6578] DEBUG VT - Entering getColumnFields(Users) method ...
>>> Thu Sep 29 09:56:23 2016,959 [6578] DEBUG VT - in getColumnFields Users
>>> Thu Sep 29 09:56:23 2016,959 [6578] DEBUG VT - Prepared sql query being executed : SELECT tabid, name, ownedby FROM vtiger_tab
>>> Thu Sep 29 09:56:23 2016,964 [6578] DEBUG VT - Prepared sql query being executed : SELECT tabid, fieldname, fieldid, fieldlabel, columnname, tablename, uitype, typeofdata, presence
>>>                FROM vtiger_field WHERE tabid in (?)
>>> Thu Sep 29 09:56:23 2016,964 [6578] DEBUG VT - Prepared sql query parameters : [29]
>>> Thu Sep 29 09:56:23 2016,975 [6578] DEBUG VT - Exiting getColumnFields method ...
>>> Thu Sep 29 09:56:23 2016,975 [6578] DEBUG user - Exiting Users() method ...
>>> Thu Sep 29 09:56:23 2016,978 [6578] DEBUG customerportal - Entering customer portal function send_mail_for_password
>>> Thu Sep 29 09:56:23 2016,978 [6578] INFO VT - PearDatabase ->Inside the function send_mail_for_password(alan at hidden.co.uk <mailto:alan at hidden.co.uk>).
>>> Thu Sep 29 09:56:23 2016,979 [6578] DEBUG customerportal - Prepared sql query being executed : select * from vtiger_portalinfo  where user_name = ?
>>> Thu Sep 29 09:56:23 2016,979 [6578] DEBUG customerportal - Prepared sql query parameters : [alan at hidden.co.uk <mailto:alan at hidden.co.uk>]
>>> Thu Sep 29 09:56:23 2016,979 [6578] DEBUG customerportal - Prepared sql query being executed : select vtiger_users.user_name, vtiger_users.email1 from vtiger_users inner join vtiger_crmentity on vtiger_users.id = vtiger_crmentity.smownerid inner join vtiger_contactdetails on vtiger_contactdetails.contactid=vtiger_crmentity.crmid where vtiger_contactdetails.email =?
>>> Thu Sep 29 09:56:23 2016,980 [6578] DEBUG customerportal - Prepared sql query parameters : [alan at hidden.co.uk <mailto:alan at hidden.co.uk>]
>>> Thu Sep 29 09:56:23 2016,983 [6578] DEBUG customerportal - Prepared sql query being executed : SELECT * FROM vtiger_tab
>>> Thu Sep 29 09:56:24 2016,002 [6578] DEBUG customerportal - Prepared sql query being executed : SELECT fieldname,modulename,tablename,entityidfield,entityidcolumn from vtiger_entityname
>>> Thu Sep 29 09:56:24 2016,007 [6578] DEBUG customerportal - Prepared sql query being executed : select * from vtiger_systems where server_type=?
>>> Thu Sep 29 09:56:24 2016,007 [6578] DEBUG customerportal - Prepared sql query parameters : [email]
>>> Thu Sep 29 09:56:24 2016,044 [6578] INFO VT - PearDatabase ->Exit from send_mail_for_password. false@@@<b></b>
>>> Thu Sep 29 09:56:24 2016,044 [6578] DEBUG customerportal - Exiting customer portal function send_mail_for_password
>> 
>> In the function above I see the comment:
>> 
>>> 	// We no longer have the original password!
>>> 	if (!empty($adb->query_result($res, 0, 'cryptmode'))) {
>>> 		$password = '*****';
>>> 		// TODO - we need to send link to reset the password
>>> 		// For now CRM user can do the same.
>>> 	}
>> 
>> I see a glaring issue with this function in that it uses $mod_strings... As far as I can tell this is *non-existent* in vtiger 6.
>> 
>> The queries seem to me to be trying to create an email which would be sent to the Contact's Assigned User? But on my system it never gets sent, but because of the $mod_strings issue I have no idea which error was trapped.
>> 
>> Has anyone tested this before?
>> 
>> Thanks
>> 
>> Al
>> 
>> 
>> What is this function supposed to do?
>> 
>> 
>> 
>> 
>> _______________________________________________
>> http://www.vtiger.com/ <http://www.vtiger.com/>
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.vtigercrm.com/pipermail/vtigercrm-developers/attachments/20161009/c84d7815/attachment.html>


More information about the vtigercrm-developers mailing list