Better Password Recovery
By default X-Cart sends the user's password in clear text via email when they try to recover their password. This is stupid and easily fixed with a few lines of code. This mod will set the user's password to a random string, email them that string, and force them to reset their password on next login. Yeah, I know a password is still sent in plain text, but at least it is not their actual password they were using and are probably going to set it back to.
Here are the changes you need to make (4.1.9). ADD this function to include/func/func.core.php Code:
function createRandomPassword() { This function is compliments of http://www.totallyphp.co.uk/code/create_a_random_password.htm, I was lazy...:wink: CHANGE include/help.php Code:
foreach ($accounts as $key => $account) { TO: Code:
foreach ($accounts as $key => $account) { Now you need to change your email templates. If you are using plain text email edit the template in skin1/mail/. If you are using HTML email edit the template in skin1/mail/html. password_recover.tpl Plain Text FROM Code:
{$lng.lbl_password|truncate:$max_truncate:"...":true|cat:":"|string_format:$max_space}{$accounts[acc_num].password} Code:
Your password has been reset. Your new password is now ($newpassword). Please change you password when you login. HTML FROM Code:
<td><tt>{$lng.lbl_password}:</tt></td> TO Code:
<td><tt>Your password has been reset.<br><br>Your new password is now {$newpassword}.<br><br>You will be required to change your password at next logon.</tt></td> Make sure to check your colspan attrib in your TDs. I consolidated the 3 columns to 1. Cheers & Happy Coding, |
Re: Better Password Recovery
This didn't work for me. My test account has multiple login names with the same email, so I'm not sure if that was the issue.
The temporary password sent in the email did not allow me to login. I had to change it in admin. |
Re: Better Password Recovery
works in version 4.1.12
Thanks very much for a great snippet... Tony |
All times are GMT -8. The time now is 10:17 PM. |
Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.