Comments (28)
Your feedback is highly appreciated.
Password forgotten function implemented.
from socialnetwork.
Awesome, but maybe you should send a link out once someone requests their password changed. Then when they click on that it will reset. Right now it's possible to reset anyones password.
from socialnetwork.
I will try to improve the process, thx for your feedback
from socialnetwork.
okay, now we have a new pw reset process.
1.) user gets a mail with confirmation url.
2.) password will be send to user after confirmation url is clicked.
3.) user can change random generated pw via settings...
from socialnetwork.
It doesn't send the generated password after clicking on the confirm link.
from socialnetwork.
i tried just one time and it worked ... let me try it again ..
from socialnetwork.
It was the demo I tried on.
from socialnetwork.
demo works for me, but i noticed that mails came from [email protected].
so for sure some mail server will block this "example.com" domain.
from socialnetwork.
But that should work as long as the sender e-mail exists? I get the reset request from [email protected], but nothing when I click reset. Does it send from same e-mail?
from socialnetwork.
i just changed the from part.
But that should work as long as the sender e-mail exists?
Nope it depends on the receiver's mail server...
Strange, can you send me the confirmation link please, thx
from socialnetwork.
Here's the link, http://www.dasmerkendienie.com/user/password/reset/65d2ea03425887a717c435081cfc5dbb/
from socialnetwork.
mhm still looks like its a mailserver problem
(host smtp.getontheweb.com[66.36.236.47] said: 451 qq read error (#4.3.0) (in reply to end of DATA command))
from socialnetwork.
That's weird, since it sends the first e-mail.
from socialnetwork.
@besn any clue whats going on here ?
from socialnetwork.
I checked my mail.log and it looks to me like some sort of temporary black- or greylisting.
In between the 451 errors i see lots of timeouts to the same server but the mails get delivered eventually. The "qq read error" doesn't help me much because it seems to be some generic qmail error which might be related a configuration error (unlikely), to a virus-scanner or greylisting.
from socialnetwork.
first of all, the issue itself "password reset" is solved in my opinion!
but i noticed that the password reset mail was flagged as spam.
one of the reason was, i tried to send a html mail without html opening tag.
i solved this issue already, but still its quite confusing that the first mail gets out, but not the
second one....
from socialnetwork.
a broken html mail might upset some spamfilter and could explain why the server refused to accept the message (and probably blocked the server for some time)
from socialnetwork.
we could try to send multipart mails, maybe mail gets more trustworthy, while there is a plain text part...
from socialnetwork.
depending on the spamfilter it might be more happy with a multipart mail then a pure html mail
from socialnetwork.
okay, i added multi part mails, now spamassassin gives me a score of 0, which is pretty good!
from socialnetwork.
We out of ideas? I just tried to reset password for two different email addresses, @yahoo.com and @hotmail.com. None of them worked, it actually didn't reset the password at all. So I believe there is something wrong with the part where it generates a new password. Because I was able to login with the old password and I am still able to do that even after confirming.
from socialnetwork.
that s weird, because it works on my test account ...
maybe it needs some further investigations!
You got the confirmation mail right ?
And after clicking on the confirmation link, no second email came ?
Also you are still able to login with old password, after clicking the confirmation link ?
from socialnetwork.
Yes, I received confirm mail and I confirmed it. Then I received no second mail, but was still able to login with old password.
from socialnetwork.
Also figured the confirm url doesn't expire when its clicked. It keeps using same link in every email
from socialnetwork.
@Phumix mhm i can at least explain why the link does not change...
from socialnetwork.
@andreas83 oh?
from socialnetwork.
Good news, i found the cause and solution.
$user->api_key = md5($_POST['nick']+date("Y-m-d H:i:s"));
new users got always the same api key due wrong string concating ...
i fixed it already in andrea, but need to recreate the api key on demo ...
from socialnetwork.
okay i just reset all api keys.
@Phumix please, try to reset your password again
from socialnetwork.
Related Issues (20)
- Feature Request : Groups
- Security issue HOT 2
- reauth - dos attack HOT 1
- performance issue with db connection manager HOT 8
- missing files HOT 2
- Must be in root directory? HOT 8
- SocialNetwork – Cross-Site Scripting (XSS) HOT 1
- How should I do the permission part when I run this on Windows10? HOT 2
- http2 preload aka server push HOT 4
- [Composer\Downloader\TransportException] Content-Length mismatch HOT 7
- Fatal error: Uncaught Error: Class 'AltoRouter' HOT 1
- some files missing HOT 2
- Sorry Am writing you this because i don't know how to contact you HOT 1
- not working properly HOT 12
- fb login doesn't work anymore. HOT 1
- Comments HOT 1
- migrating away from bower to yarn HOT 2
- Dark theme
- xss issues
- /public/stream Not Found HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from socialnetwork.